Note: This page contains sample records for the topic secure web applications from Science.gov.
While these samples are representative of the content of Science.gov,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of Science.gov
to obtain the most current and comprehensive results.
Last update: August 15, 2014.
1

Web application security engineering  

Microsoft Academic Search

Integrating security throughout the life cycle can improve overall Web application security. With a detailed review of the steps involved in applying security-specific activities throughout the software development life cycle, the author walks practitioners through effective, efficient application design, development, and testing. With this article, the author shares a way to improve Web application security by integrating security throughout the

J. D. Meier

2006-01-01

2

Securing Web applications  

Microsoft Academic Search

Web application vulnerabilities have become a major concern in software security. We will present major attack patterns, i.e. SQL injection, cross-site scripting, cross-site request forgery, JavaScript hijacking, and DNS rebinding, together with a survey and assessment of the countermeasures available to web application developers.

Dieter Gollmann

2008-01-01

3

Web application security assessment tools  

Microsoft Academic Search

Security testing a Web application or Web site requires careful thought and planning due to both tool and industry immaturity. Finding the right tools involves several steps, including analyzing the development environment and process, business needs, and the Web application's complexity. Here, we describe the different technology types for analyzing Web applications and Web services for security vulnerabilities, along with

Mark Curphey; Rudolph Arawo

2006-01-01

4

Security principles for web applications  

Microsoft Academic Search

In the recent time we have witnessed an expansion of web applications, which are offering a wide range of public and business services. The web applications are efficient and convenient, however, increasing number of new security threats is a risk for both users of web applications and the companies which are offering their services through web applications. In order to

Tamara M. Tanaskovic; Miodrag Z. Zivkovic

2011-01-01

5

TRUST MODELING FOR SECURE WEB APPLICATION DEVELOPMENT  

Microsoft Academic Search

Trust is the main concern in securing web applications and it has to be implemented in every layer of application at the time of development. Building trust based on a proper model is an important step in designing a secure web-based system. Such model should address users' sociological, economical, and personal expectations of trust in every layer of web applications.

Mahmood Doroodchi; Mohammad B. Sharifnia

2008-01-01

6

End-to-end Web Application Security  

Microsoft Academic Search

Web applications are important, ubiquitous distributed systems whose current security relies primarily on server-side mechanisms. This paper makes the end-to- end argument that the client and server must collaborate to achieve security goals, to eliminate common security exploits, and to secure the emerging class of rich, cross- domain Web applications referred to as Web 2.0. In order to support end-to-end

Ulfar Erlingsson; Benjamin Livshits; Yinglian Xie

7

End-to-End Web Application Security  

Microsoft Academic Search

Web applications are important, ubiquitous distributed systems whose current security relies primarily on server-side mechanisms. This paper makes the end-to- end argument that the client and server must collaborate to achieve security goals, to eliminate common security exploits, and to secure the emerging class of rich, cross- domain Web applications referred to as Web 2.0. In order to support end-to-end

Úlfar Erlingsson; V. Benjamin Livshits; Yinglian Xie

2007-01-01

8

Evaluation of web application security risks and secure design patterns  

Microsoft Academic Search

The application of security in web application is of profound importance due to the extended use of web for business. Most of the attacks, are either because the developers are not considering security as a concern or due to the security flaws in designing and developing the applications. The enforcement of security in the software development life cycle of the

Asish Kumar Dalai; Sanjay Kumar Jena

2011-01-01

9

Non-Detrimental Web Application Security Scanning  

Microsoft Academic Search

The World Wide Web has become a sophisticated platform capable of delivering a broad range of applications. However, its rapid growth has resulted in numerous security problems that current technologies cannot address. Researchers from both academic and private sector are devoting a considerable amount of resources to the development of Web application security scanners (i.e., automated software testing platforms for

Yao-wen Huang; Chung-hung Tsai; D. T. Lee; Sy-yen Kuo

2004-01-01

10

Agile development of secure web applications  

Microsoft Academic Search

A secure system is one that is protected against specific undesired outcomes.Delivering a secure system, and particularly a secure web application, is not easy.Integrating general-purpose information systems development methods withsecurity development activities could be a useful means to surmount thesedifficulties Agile processes, such as Extreme Programming, are of increasing interest insoftware development. Most significantly for web applications, agile processesencourage and

Xiaocheng Ge; Richard F. Paige; Fiona A. C. Polack; Howard Chivers; Phillip J. Brooke

2006-01-01

11

Research Directions in Web Site Evolution II: Web Application Security  

Microsoft Academic Search

The growth of inexpensive bandwidth and the maturation of Web development technology have enabled a significant adoption of Web-based applications for interactions between customers and business, between businesses, and between citizens and institutions. However, those same improvements in bandwidth and corresponding rise in Web system complexity has also been of use to those with malicious intent. Thus Web security (the

Porfirio Tramontana; T. Dean; S. Tilley

2007-01-01

12

Securing Timeout Instructions in Web Applications  

Microsoft Academic Search

Timeout mechanisms are a useful feature for web applications. However, these mechanisms need to be used with care because, if used as-is, they are vulner- able to timing attacks. This paper focuses on internal timing attacks, a particularly dangerous class of timing attacks, where the attacker needs no access to a clock. In the context of client-side web application security,

Alejandro Russo; Andrei Sabelfeld

2009-01-01

13

WALSG: A Solution to Web Application Level Security  

Microsoft Academic Search

This paper analyzes the most common security problems of web application level. A model WALSG (Web Application Level Security Gateway) is presen ted to pr ovide web application level security. WALSG employs XML Schema to specify access control policies and security policies for HTML pages and cookies. WALSG can also be used as a secure tool to define access control

Teng Lv; Ping Yan; Zhenxing Wang

2005-01-01

14

Early Detection of Security Misconfiguration Vulnerabilities in Web Applications  

Microsoft Academic Search

This paper presents a web-based tool to supple- ment defense against security misconfiguration vulnerabilities in web applications. The tool automatically audits security con- figuration settings of server environments in web application development and deployment. It also offers features to automat- ically adjust security configuration settings and quantitatively rates level of safety for server environments before deploying web applications. Using the

Birhanu Eshete; Adolfo Villafiorita; Komminist Weldemariam

2011-01-01

15

WEB APPLICATION SECURITY INSTRUCTIONAL PARADIGMS AND THE IS CURRICULUM  

Microsoft Academic Search

This document provides an overview of the growing importance of web application security threats and its role in the IS security curriculum. Two alternative instructional paradigms designed to present web application security were reviewed. Secure Programming curricula have been used to present detailed coverage from a software coding perspective. However, the Secure Programming Paradigm may present challenges in the choice

J. Packy Laverty; John J. Scarpino

2009-01-01

16

Mitigating the authentication vulnerabilities in Web applications through security requirements  

Microsoft Academic Search

To design and implement secure web applications an analysis must start with an understanding of the risks to which application will be exposed. Business-centric Web applications need complex authentication policies to securely implement business processes. Threats against the confidentiality, availability and integrity of the data stored, processed and transmitted by application need to be matched against the policies, technologies and

R. Kumar

2011-01-01

17

Web application security assessment by fault injection and behavior monitoring  

Microsoft Academic Search

As a large and complex application platform, the World Wide Web is capable of delivering a broad range of sophisticated applications. However, many Web applications go through rapid development phases with extremely short turnaround time, making it difficult to eliminate vulnerabilities. Here we analyze the design of Web application security assessment mechanisms in order to identify poor coding practices that

Yao-Wen Huang; Shih-Kun Huang; Tsung-Po Lin; Chung-Hung Tsai

2003-01-01

18

ASIDE: IDE support for web application security  

Microsoft Academic Search

Many of today's application security vulnerabilities are introduced by software developers writing insecure code. This may be due to either a lack of understanding of secure programming practices, and\\/or developers' lapses of attention on security. Much work on software security has focused on detecting software vulnerabilities through automated analysis techniques. While they are effective, we believe they are not sufficient.

Jing Xie; Bill Chu; Heather Richter Lipford; John T. Melton

2011-01-01

19

Clilets: Web Applications with Secure Client-Side Storage  

Microsoft Academic Search

Abstract Today’s web applications require that all data be visible to the server. This is a problem in cases, such as a Web Tax service, where the user may not trust the server with the data. We present the Clilet system, a new web application system that allows sensitive data to be stored securely on the client yet still accessed

Robert Fischer

20

Integrating web application security into the IT curriculum  

Microsoft Academic Search

Attackers are increasingly targeting web applications. Buffer overflows had been the most common vulnerability type since CERT began collecting statistics, but web applica- tion vulnerabilities like cross-site scripting have dominated vulnerability reports since 2005. Despite billions of dol- lars spent on network security, the amount lost to computer crime, much of it the result of the insecurity of web applica-

James Walden

2008-01-01

21

Proposing a hybrid-intelligent framework to secure e-government web applications  

Microsoft Academic Search

One of the essential needs to implement a successful e-Government web application is security. Web application firewalls (WAF) are the most important tool to secure web applications against the increasing number of web application attacks nowadays. WAFs work in different modes depending on the web traffic filtering approach used, such as positive security mode, negative security mode, session-based mode, or

Asaad Moosa; Eanas Muhsen Alsaffar

2008-01-01

22

Web Application Security through Gene Expression Programming  

Microsoft Academic Search

In the paper we present a novel approach based on applying a modern metaheuristic Gene Expression Programming (GEP) to detecting\\u000a web application attacks. This class of attacks relates to malicious activity of an intruder against applications, which use\\u000a a database for storing data. The application uses SQL to retrieve data from the database and web server mechanisms to put\\u000a them

Jaroslaw Skaruz; Franciszek Seredynski

2009-01-01

23

Symbolic security analysis of ruby-on-rails web applications  

Microsoft Academic Search

Many of today's web applications are built on frameworks that include sophisticated defenses against malicious adversaries. However, mistakes in the way developers deploy those defenses could leave applications open to attack. To address this issue, we introduce Rubyx, a symbolic executor that we use to analyze Ruby-on-Rails web applications for security vulnerabilities. Rubyx specifications can easily be adapted to variety

Avik Chaudhuri; Jeffrey S. Foster

2010-01-01

24

Web-Application Security: From Reactive to Proactive  

Microsoft Academic Search

Here's a sobering thought for all managers responsible for Web applications: Without proactive consideration for an application's security, attackers can bypass nearly all lower-layer security controls simply by using the application in a way its developers didn't envision. Learn how to address vulnerabilities proactively and early on to avoid the devastating consequences of a successful attack.

John R. Maguire; H. Gilbert Miller

2010-01-01

25

Towards agile security in web applications  

Microsoft Academic Search

In this paper, we present an approach that we have used to address security when running projects according to agile principles. Misuse stories have been added to user stories to capture malicious use of the application. Furthermore, misuse stories have been implemented as automated tests (unit tests, acceptance tests) in order to perform security regression testing. Penetration testing, system hardening

Vidar Kongsli

2006-01-01

26

Web Application Security—Past, Present, and Future  

Microsoft Academic Search

Web application security remains a major roadblock to universal acceptance of the Web for many kinds of online transactions,\\u000a especially since the recent sharp increase in remotely exploitable vulnerabilities has been attributed to Web application\\u000a bugs. In software engineering, software testing is an established and well-researched process for improving software quality.\\u000a Recently, formal verification tools have also shown success in

Yao-Wen Huang; D. T. Lee

27

Web application security: Improving critical web-based applications quality through in-depth security analysis  

Microsoft Academic Search

m Abstract- The Internet, and in particular the World Wide Web, have become one of the most common communication mediums in the World. Millions of users connect everyday to different web-based applications to search for information, exchange messages, interact with each other, conduct business, pay taxes, perform financial operations and many more. Some of these critical web-based services are targeted

Nuno Teodoro; Carlos Serrao

2011-01-01

28

Web Programming and Security  

NSDL National Science Digital Library

The web uses complex applications that run on heterogeneous browsers that may be built using programming technologies such as Javascript, AJAX, Google Web Toolkit, Apache Struts, Java Server Faces, and Rails. This course covers how core web technologies work; common security vulnerabilities; and how to build secure web applications that avoid them.

Mitchell, John

2009-02-24

29

Anomaly detection using negative security model in web application  

Microsoft Academic Search

Today's combat zone for both ethical and unethical hackers is the web. Rapid growth of web sites and web applications gives way to deliver complex business applications through the web. As the web dependency increases, so do the web hacking activities. Web applications are normally written in scripting languages like JavaScript, PHP embedded in HTML allowing connectivity to the databases,

M. Auxilia; D. Tamilselvan

2010-01-01

30

Work in progress — Web penetration testing: Effectiveness of student learning in Web application security  

Microsoft Academic Search

Web penetration testing embodies both the understanding of attack and defense philosophies. By learning malicious hacking activities, students will understand the perspectives of attackers and realize how to defend a Web application system. To foster information security education, it is important to introduce the attack understanding philosophy. Using student group projects, this study aims to measure student learning effectiveness in

Hwee-Joo Kam; Joshua J. Pauli

2011-01-01

31

Security Standards Perspective to Fortify Web Database Applications from Code Injection Attacks  

Microsoft Academic Search

In recent years, web application security has become the primary discussion for security experts, as application attacks are constantly on rise and posing new risks for organizations. Several trends have emerged lately in the attacks launched against Web application. The implementation of International security standard is to minimize the security failures and to mitigate their consequences. The aim of this

Sushila Madan; Supriya Madan

2010-01-01

32

A Design and Implementation of Profile Based Web Application Securing Proxy  

Microsoft Academic Search

\\u000a Recently, the security threat on web application is increasing rapidly and especially open source web applications are becoming\\u000a popular target of web server hacking. And more there was a worm which spread via web application vulnerabilities. Web application\\u000a attack uses the vulnerability not in web server itself, but in structural, logical, and code errors. The majority of flaws\\u000a in web

Youngtae Yun; Yosik Kim; Jaecheol Ryou

2006-01-01

33

Security Testing in Agile Web Application Development - A Case Study Using the EAST Methodology  

Microsoft Academic Search

\\u000a There is a need for improved security testing methodologies specialized for Web applications and their agile development environment.\\u000a The number of web application vulnerabilities is drastically increasing, while security testing tends to be given a low priority.\\u000a In this paper, we analyze and compare Agile Security Testing with two other common methodologies for Web application security\\u000a testing, and then present

Gencer Erdogan; Per Håkon Meland; Derek Mathieson

2010-01-01

34

Dynamic multi-process information flow tracking for web application security  

Microsoft Academic Search

Although there is a large body of research on detection and prevention of such memory corruption attacks as buer overflow, integer overflow, and format string attacks, the web application security prob- lem receives relatively less attention from the research community by comparison. The majority of web application security problems origi- nate from the fact that web applications fail to perform

Susanta Nanda; Lap-chung Lam; Tzi-cker Chiueh

2007-01-01

35

An Analysis of BlackBox Web Application Security Scanners against Stored SQL Injection  

Microsoft Academic Search

Web application security scanners are a compilation of various automated tools put together and used to detect security vulnerabilities in web applications. Recent research has shown that detecting stored SQL injection, one of the most critical web application vulnerabilities, is a major challenge for black-box scanners. In this paper, we evaluate three state of art black-box scanners that support detecting

Nidal Khoury; Pavol Zavarsky; Dale Lindskog; Ron Ruhl

2011-01-01

36

Open, flexible and portable secure web-based health applications.  

PubMed

This paper presents a totally generic client-server model for accessing legacy and new databases according to the three tier architecture principles. It is based on an integrated environment that eases the dynamic creation and instantiation of secure web applications that access multiple database management systems. Emphasis is placed on the ability to query almost any type of relational database and queries can simultaneously address a multitude of data sources. The information is collected, assembled and presented to users depending on a possible set of user profiles. These profiles originate from work on securing the conduct of clinical studies. This has been achieved in the context of the EU funded project HARP (Harmonisation for the Security of Web Technologies and Applications). The generic character of the model is exploited through an accompanying set of development tools. This permits efficient and effective creation and maintenance of applications in several domains of health telematics and beyond. Main merit is the lightweight character of the resulting platform, whereby all necessary instantiations are accomplished through a set of related XML documents. PMID:15061523

Vlachos, Michael; Stassinopoulos, George

2003-01-01

37

A testing framework for Web application security assessment  

Microsoft Academic Search

The rapid development phases and extremely short turnaround time of Web applications make it difficult to elim- inate their vulnerabilities. Here we study how software testing techniques such as fault injection and runtime monitoring can be applied to Web applications. We implemented our proposed mechanisms in the Web Application Vulnerability and Error Scanner (WAVES)—a black-box testing framework for automated Web

Yao-wen Huang; Chung-hung Tsai; Tsung-po Lin; Shih-kun Huang; D. T. Lee; Sy-yen Kuo

2005-01-01

38

SENTINEL: securing database from logic flaws in web applications  

Microsoft Academic Search

Logic flaws within web applications allow the attackers to disclose or tamper sensitive information stored in back-end databases, since the web application usually acts as the single trusted user that interacts with the database. In this paper, we model the web application as an extended finite state machine and present a black-box approach for deriving the application specification and detecting

Xiaowei Li; Wei Yan; Yuan Xue

2012-01-01

39

Web Application Security Gateway with Java Non-blocking IO  

Microsoft Academic Search

We present the design and implementation of the WebDaemon Security Gateway (WDSG) with the techniques of event-driving, non-blocking\\u000a IO multiplexing, secure cookies, SSL and caches based on PKI framework and role-based access control (RBAC) policy. It not\\u000a only supports massive concurrency and avoids the pitfalls of traditional block I\\/O based design, but also is able to secure\\u000a all the resources

Zhenxing Luo; Nuermaimaiti Heilili; Dawei Xu; Chen Zhao; Zuoquan Lin

2006-01-01

40

Review of Web Applications Security and Intrusion Detection in Air Traffic Control Systems.  

National Technical Information Service (NTIS)

This report presents the results of our audit of Web applications security and intrusion detection in air traffic control (ATC) systems. This audit was requested by the Ranking Minority members of the House Committee on Transportation and Infrastructure a...

2009-01-01

41

Towards a Formal Foundation of Web Security  

Microsoft Academic Search

We propose a formal model of web security based on an abstraction of the web platform and use this model to analyze the security of several sample web mechanisms and applications. We identify three distinct threat models that can be used to analyze web applications, ranging from a web attacker who controls malicious web sites and clients, to stronger attackers

Devdatta Akhawe; Adam Barth; Peifung E. Lam; John C. Mitchell; Dawn Song

2010-01-01

42

Automatic Test Approach of Web Application for Security (AutoInspect)  

Microsoft Academic Search

\\u000a We present an automatic test approach to improve the security of web application, which detects vulnerable spots based on\\u000a black box test through three phases of craw, test, and report. The test process considers a blind point for security through\\u000a the development life cycle, the faults of web application and server setup in a various point of attackers, etc. The

Kyung Cheol Choi; Gun Ho Lee

2006-01-01

43

On the Automated Creation of Understandable Positive Security Models for Web Applications  

Microsoft Academic Search

Web applications pose new security-related challenges since attacks on web applications strongly differ from those on client-server applications. Traditional network-based firewall systems offer no protection against this kind of attacks since they occur on the application-level. The current solution is the manual definition of large sets of filtering rules which should prevent malicious attempts from being successful. We propose a

Christian Bockermann; Ingo Mierswa; Katharina Morik

2008-01-01

44

Defining a Set of Common Benchmarks for Web Application Security  

Microsoft Academic Search

A recent explosion in the number of security vulnerabilities being discovered every day motivated a great deal of interest in tools that attempt to address this problem. While buffer overruns have been plaguing C programs for years, application-level vul- nerabilities such as SQL injections, cross-site scripting, and path traversal attacks have become increasingly common in the last year. Looking at

Benjamin Livshits

45

Teaching Web Security Using Portable Virtual Labs  

ERIC Educational Resources Information Center

We have developed a tool called Secure WEb dEvelopment Teaching (SWEET) to introduce security concepts and practices for web application development. This tool provides introductory tutorials, teaching modules utilizing virtualized hands-on exercises, and project ideas in web application security. In addition, the tool provides pre-configured…

Chen, Li-Chiou; Tao, Lixin

2012-01-01

46

Using Incremental JavaServer Faces Projects for Promoting Active Learning in Teaching Web Applications & Security  

Microsoft Academic Search

This paper introduces the pedagogical approach of using incremental lab projects for promoting active learning in teaching Web applications and Security. These incremental lab projects are easy to learn, easy to implement, and relevant with the targeted subjects in nature. This set of lab projects starts with a base project and progressively becomes more complicated as more requirements are introduced

Cheer-Sun Yang

2006-01-01

47

Web engineering security: a practitioner's perspective  

Microsoft Academic Search

There are a number of critical factors driving security in Web Engineering. These include: economic issues, people issues, and legislative issues. This paper presents the argument that a Security Improvement Approach (SIA), which can be applied to different Web engineering development processes, is essential to successfully addressing Web application security. In this paper, the criteria that any SIA will have

William Bradley Glisson; Andrew Mcdonald; Ray Welland

2006-01-01

48

Case for avoiding security-enhanced HTTP tools to improve security for Web-based applications.  

National Technical Information Service (NTIS)

This paper describes some of the general weaknesses of the current popular Hypertext Transmission Protocol (HTTP) security standards and products in an effort to show that these standards are not appealing for many applications. The author will then show ...

B. Wood

1996-01-01

49

An Analysis Framework for Security in Web Applications  

Microsoft Academic Search

Software systems interact with outside environments (e.g., by taking inputs from a user) and usually have particular assumptions about these environments. Unchecked or im- properly checked assumptions can aect security and reli- ability of the systems. A major class of such problems is the improper validation of user inputs. In this paper, we present the design of a static analysis

Gary Wassermann; Zhendong Su

2004-01-01

50

Developing secure Web-applicationsSecurity criteria for the development of e-Democracy Web-applications  

Microsoft Academic Search

One of the most important requirements in government websites is the security. The Data Protection Act, Human Rights Act and\\u000a other legislation require that privacy is respected. Beyond this, Government websites must be secure to build trust and maintain\\u000a the reputation of electronic government. This will be seriously damaged if websites are defaced, services are unavailable\\u000a or sensitive information is

António Pacheco; Carlos Serrão

51

Web Applications Security Assessment in the Portuguese World Wide Web Panorama  

Microsoft Academic Search

\\u000a Following the EU Information and Communication Technologies agenda, the Portuguese Government has started the creation of\\u000a many applications, enabling electronic interaction between individuals, companies and the public administration – the e-Government.\\u000a Due to the Internet open nature and the sensitivity of the data that those applications have to handle, it is important to\\u000a ensure and assess their security. Financial institutions,

Nuno Teodoro; Carlos Serrão

52

Spiral System Implementation Methodology: Application of the Knowledge Web in the Security-Center Transformation Project.  

National Technical Information Service (NTIS)

This paper reports progress and practical experience in security- requirements engineering using the security center Knowledge Web (KWeb) as a case study. It describes the project, architecture, and the approach of the Spiral System Implementation Methodo...

J. Waters M. Stelmach M. Ceruti

2005-01-01

53

Testing Web Applications  

Microsoft Academic Search

The rapid diffusion of Internet and open standard technologies is producing a significant growth of the demand of Web sites and Web applications with more and more strict requirements of usability, reliability, interoperability and security. While several methodological and technological proposals for developing Web applications are coining both from industry and academia, there is a general lack of methods and

Giuseppe Antonio Di Lucca; Anna Rita Fasolino; Francesco Faralli; Ugo De Carlini

2002-01-01

54

An Empirical Study of the Evolution of PHP Web Application Security  

Microsoft Academic Search

Web applications are increasingly subject to mass attacks, with vulnerabilities found easily in both open source and commercial applications as evinced by the fact that approximately half of reported vulnerabilities are found in web applications. In this paper, we perform an empirical investigation of the evolution of vulnerabilities in fourteen of the most widely used open source PHP web applications,

Maureen Doyle; James Walden

2011-01-01

55

Modeling and Testing Secure Web-Based Systems: Application to an Industrial Case Study  

Microsoft Academic Search

Ensuring that a Web-based system respects its security requirements is a critical issue that has become more and more difficult to perform in these last years. This difficulty is due to the complexity level of such systems as well as their variety and increasing distribution. To guarantee such a respect, we need to test the target Web system by applying

Wissam Mallouli; Mounir Lallali; Gerardo Morales; Ana Rosa Cavalli

2008-01-01

56

AsyncHttpEvalRequest: A New Primitive for Downloading Web Applications Incrementally and Securely  

Microsoft Academic Search

The evolution of the World Wide Web has progressed from simple, classic Web pages with text and static images only to Web 2.0 pages with rich multimedia content, mashups and desktop-style applications. The cornerstone of Web 2.0 technologies is an API called XMLHttpRequest - an interface that allows network requests to be performed asynchronously without blocking the user interface of

Janne Kuuskeri; Tommi Mikkonen; Antero Taivalsaari

2009-01-01

57

Security in Distributed Applications  

Microsoft Academic Search

The security requirements on an IT system ultimately depend on the applications that make use of it. To put today’s challenges\\u000a into perspective we map the evolution of distributed systems security over the past 40 years. We then focus on web applications\\u000a as an important current paradigm for deploying distributed applications. We discuss the security policies relevant for the\\u000a current

Dieter Gollmann

2007-01-01

58

Asset Assessment in Web Applications  

Microsoft Academic Search

Security, a quality attribute in web applications, improves the level of quality in the processes needed to manage information, and therefore achieving business objectives. Web Engineering must address new challenges facing web application development in order to offer new techniques that guarantee high quality applications. This work is part of an over all project that focuses on Risk Assessment in

Brunil Dalila Romero Marino; Hisham M. Haddad

2010-01-01

59

Gordon and Mike's ICT Podcast: Flat World Strategies: Web 2.0 Application Security Threats  

NSDL National Science Digital Library

Gordon and Mike's ICT Podcast offers perspectives on the information and communication technologies (ICT) industries from Gordon Snyder and Mike Qaissaunee. In this podcast, Mike and Gordon discuss the vulnerabilities of Web 2.0 technologies by examining the seven threats identified by security experts at SPI Dynamics, Inc. The running time for this show is 23:26.This podcast is available for direct download in mp3 format from the Libsyn site, or click here to subscribe to the whole series in iTunes.

Qaissaunee, Michael; Snyder, Gordon F.

2008-02-20

60

Message level security for web services  

Microsoft Academic Search

Security and web services are consistently reported among the top technologies of interest to businesses. Concerns about security are a major deterrent to companies considering use of the technology. This paper provides a summary of the emerging consensus on security for collaborative business using web services in an open environment. The most common security measure using transport layer security may

Paul Kearney

2005-01-01

61

IT Security: Target: The Web  

ERIC Educational Resources Information Center

In December, Microsoft announced a major security flaw affecting its Internet Explorer web browser. The flaw allowed hackers to use hidden computer code they had already injected into legitimate websites to steal the passwords of visitors to those sites. Reportedly, more than 10,000 websites were infected with the destructive code by the time…

Waters, John K.

2009-01-01

62

Web Services Security Problem in Service-oriented Architecture  

NASA Astrophysics Data System (ADS)

With the development and universal application of SOA technology, security issues of Web services based on heterogeneous platform have become increasingly prominent. This article first introduces two security different solutions of Microsoft Net, Apache Axis platform. At the same time for the security issues between heterogeneous platforms. A Web services security mode based on the .NET platform and the Axis2 platform is proposed in the papers. We also pointed out the direction of the future research.

Yue, Hua; Tao, Xu

63

REFEREE: Trust Management for Web Applications  

Microsoft Academic Search

Digital signatures provide a mechanism for guaranteeing integrity and authenticity of Web content but not more general notions of security or trust. Web-aware applications must permit users to state clearly their own security policies and, of course, must provide the cryptographic tools for manipulating digital signatures. This paper describes the REFEREE trust management system for Web applications; REFEREE provides both

Yang-hua Chu; Joan Feigenbaum; Brian A. Lamacchia; Paul Resnick; Martin Strauss

1997-01-01

64

Automatically Hardening Web Applications Using Precise Tainting  

Microsoft Academic Search

Most web applications contain security vulnerabilities. The simple and natural ways of creating a web application are prone to SQL injection attacks and cross-site scripting attacks as well as other less common vulnerabilities. In response, many tools have been developed for detecting or mitigating common web application vulnerabilities. Existing techniques either require effort from the site developer or are prone

Anh Nguyen-tuong; Salvatore Guarnieri; Doug Greene; Jeff Shirley; David Evans

2005-01-01

65

D-WAV: A Web Application Vulnerabilities Detection Tool Using Characteristics of Web Forms  

Microsoft Academic Search

Finding effective approaches to detect vulnerabilities is important to guarantee the security of Web applications. Web application security issues are mostly related to malicious input data and Web forms are the main interface to input these data. According to the above observation, we propose a novel approach to detect Web application vulnerabilities. In our approach, given a URL, we get

Lijiu Zhang; Qing Gu; Shushen Peng; Xiang Chen; Haigang Zhao; Daoxu Chen

2010-01-01

66

Security Aware Mobile Web Service Provisioning  

Microsoft Academic Search

Mobile data services in combination with profluent web services are seemingly\\u000athe path breaking domain in current information research. Effectively, these\\u000amobile web services will pave the way for exciting performance and security\\u000achallenges, the core need-to-be-addressed issues. On security front, though a\\u000alot of standardized security specifications and implementations exist for web\\u000aservices in the wired networks, not much

Satish Narayana Srirama; Matthias Jarke; Wolfgang Prinz; Kiran Pendyala

2010-01-01

67

Automatic Generating Test Cases for Testing Web Applications  

Microsoft Academic Search

In order to ensure the security and reliability of Web application, the testing of Web application is one of the most effective methods. This work regards a Web application as the composition of different interactive logical components (LCs). We combine LCs with agent to assist to automatic generate test cases for testing Web applications. From pages-flow-diagram (PFD) of Web application

Shengbo Chen; Huaikou Miao; Zhongsheng Qian

2007-01-01

68

Mobile Security for Internet Applications  

Microsoft Academic Search

The WebSIM is a technology for interfacing GSM SIMs with the Internet, by implementing a Web server inside a SIM. This paper discusses how this technology can be used for securing services over the Internet and describes several concrete application scenarios.

Roger Kehr; Joachim Posegga; Roland Schmitz; Peter Windirsch

2001-01-01

69

Intrusion detection in web applications using text mining  

Microsoft Academic Search

Information security has evolved from just focusing on the network and server layers to also include the web application layer. In fact, security in some types of web applications is often considered a particularly sensitive subject. Achieving a secure web application involves several different issues like encrypting traffic and certain database information, strictly restricting the access control, etc. In this

Juan Manuel Pikatza Atxa

2007-01-01

70

Combined Web\\/mobile authentication for secure Web access control  

Microsoft Academic Search

Previous Web access authentication systems have used either the Web or the mobile channel individually to confirm the claimed identity of the remote user. Both approaches proved to be insecure when used in isolation. An investigation is presented into the enhanced security of a new combined Web\\/mobile authentication system. The hybrid system enables a strong authentication by augmenting the traditional

Ali Al-Qayedi; Wael Adi; Ahmed Zahro; Ali Mabrouk

2004-01-01

71

Software Assurance Tools: Web Application Security Scanner Functional Specification Vrsion 1.0.  

National Technical Information Service (NTIS)

This document is a guide to the basic technical aspects of conducting information security assessments. It presents technical testing and examination methods and techniques that an organization might use as part of an assessment, and offers insights to as...

E. Fong P. E. Black R. Gaucher V. Okun

2008-01-01

72

Web Server Security on Open Source Environments  

NASA Astrophysics Data System (ADS)

Administering critical resources has never been more difficult that it is today. In a changing world of software innovation where major changes occur on a daily basis, it is crucial for the webmasters and server administrators to shield their data against an unknown arsenal of attacks in the hands of their attackers. Up until now this kind of defense was a privilege of the few, out-budgeted and low cost solutions let the defender vulnerable to the uprising of innovating attacking methods. Luckily, the digital revolution of the past decade left its mark, changing the way we face security forever: open source infrastructure today covers all the prerequisites for a secure web environment in a way we could never imagine fifteen years ago. Online security of large corporations, military and government bodies is more and more handled by open source application thus driving the technological trend of the 21st century in adopting open solutions to E-Commerce and privacy issues. This paper describes substantial security precautions in facing privacy and authentication issues in a totally open source web environment. Our goal is to state and face the most known problems in data handling and consequently propose the most appealing techniques to face these challenges through an open solution.

Gkoutzelis, Dimitrios X.; Sardis, Manolis S.

73

Security for Web-Based Tests.  

ERIC Educational Resources Information Center

The purpose of this paper is to enumerate a series of security steps that might be taken by those researchers or organizations that are contemplating Web-based tests and performance assessments. From a security viewpoint, much of what goes on with Web-based transactions is similar to other general computer activity, but the recommendations here…

Shermis, Mark D.; Averitt, Jason

74

A Survey on Web Application Vulnerabilities (SQLIA, XSS) Exploitation and Security Engine for SQL Injection  

Microsoft Academic Search

Today almost all organizations have improved their performance through allowing more information exchange within their organization as well as between their distributers, suppliers, and customers using web support. Databases are central to the modern websites as they provide necessary data as well as stores critical information such as user credentials, financial and payment information, company statistics etc. These websites have

Rahul Johari; Pankaj Sharma

2012-01-01

75

Designing, Implementing, and Evaluating Secure Web Browsers  

ERIC Educational Resources Information Center

Web browsers are plagued with vulnerabilities, providing hackers with easy access to computer systems using browser-based attacks. Efforts that retrofit existing browsers have had limited success since modern browsers are not designed to withstand attack. To enable more secure web browsing, we design and implement new web browsers from the ground…

Grier, Christopher L.

2009-01-01

76

Model Composition and Generating Tests for Web Applications  

Microsoft Academic Search

Nowadays, with the prevalence of Web applications, more and more services and information are available over the Internet while their correctness, security and reliability are often crucial to the success of business and organizations. Web testing is one of the methods to ensure the Web security. However, due to the special characters of Web applications, traditional testing methods are not

Bo Song; Shengwen Gong; Shengbo Chen

2011-01-01

77

Structural Testing of Web Applications  

Microsoft Academic Search

In recent years, Web applications have become prevalent around the world. Many companies have developed or integrated their mission-critical applications using Web technologies. As Web applications become more complex, testing Web applications becomes crucial. We extend data flow testing techniques to Web applications. Several data flow issues for analyzing HTML and eXtensible Markup Language (XML) documents in Web applications are

Chien-hung Liu; David Chenho Kung; Pei Hsia; Chih-tung Hsu

2000-01-01

78

Web Browser Security Update Effectiveness  

NASA Astrophysics Data System (ADS)

We analyze the effectiveness of different Web browser update mechanisms on various operating systems; from Google Chrome's silent update mechanism to Opera's update requiring a full re-installation. We use anonymized logs from Google's world wide distributed Web servers. An analysis of the logged HTTP user-agent strings that Web browsers report when requesting any Web page is used to measure the daily browser version shares in active use. To the best of our knowledge, this is the first global scale measurement of Web browser update effectiveness comparing four different Web browser update strategies including Google Chrome. Our measurements prove that silent updates and little dependency on the underlying operating system are most effective to get users of Web browsers to surf the Web with the latest browser version.

Duebendorfer, Thomas; Frei, Stefan

79

Crowdsourced Web Augmentation: A Security Model  

Microsoft Academic Search

\\u000a Web augmentation alters the rendering of existing Web applications at the back of these applications. Changing the layout, adding\\/removing content or providing additional\\u000a hyperlinks\\/widgets are examples of Web augmentation that account for a more personalized user experience. Crowdsourced Web augmentation considers end users not only the beneficiaries but also the contributors of augmentation scripts. The fundamental\\u000a problem with so augmented

Cristóbal Arellano; Oscar Díaz; Jon Iturrioz

2010-01-01

80

Generating Test Case from Functional Requirement of Web Applications  

Microsoft Academic Search

E-commerce has been developing rapidly around the world. We run Web application to support e-commerce. Quality of Web applications influences the functionalities and security of e-commerce. Modeling and testing are important to quality of web applications. Many researchers are still to find effective ways to model and test Web applications. Formal methods can improve the quality of Web applications. This

Bin Zhu; Huaikou Miao; Hongwei Zeng; Shengbo Chen

2009-01-01

81

WebCanal: A Multicast Web Application  

Microsoft Academic Search

This paper addresses the problems related to multipoint distribution of Web documents over Internet. We present a multicast Web application which allows the sharing of Web resources among a group of people by using the MBONE technology. We describe a general-purposed light-weight reliable multicast transport protocol (LRMP) which is an important building block of the application. We will also discuss

Tie Liao

1997-01-01

82

Factsheets Web Application.  

National Technical Information Service (NTIS)

The Factsheets web application was conceived out of the requirement to create, update, publish, and maintain a web site with dynamic research and development (R and D) content. Before creating the site, a requirements discovery process was done in order t...

F. G. Vigil R. G. Reeder

2000-01-01

83

Complex Image Recognition and Web Security  

Microsoft Academic Search

Web services offered for human use are being abused by programs. Efforts to defend against these abuses have, over the last 5 years, stimulated the development of a new family of security protocols able to distinguish between human and machine users automatically over graphical user interfaces (GUIs) and networks. AltaVista pioneered this technology in 1997; by 2000, Yahoo! and PayPal

Henry S. Baird

84

Web Hosting — The Security Risks  

Microsoft Academic Search

A company’s website is critical to it’s business. It relies on the site to provide information to its customers — as an interface to communicate with them or sell goods online. As such, it needs to be available 24 hours a day, seven days a week, providing a lightening fast response with first grade security. These things cannot always be

Deri Jones

2001-01-01

85

Reliability, compliance, and security in web-based course assessments  

NSDL National Science Digital Library

Pre- and postcourse assessment has become a very important tool for education research in physics and other areas. The web offers an attractive alternative to in-class paper administration, but concerns about web-based administration include reliability due to changes in medium, student compliance rates, and test security, both question leakage and utilization of web resources. An investigation was carried out in introductory astronomy courses comparing pre- and postcourse administration of assessments using the web and on paper. Overall no difference was seen in performance due to the medium. Compliance rates fluctuated greatly, and factors that seemed to produce higher rates are identified. Notably, email reminders increased compliance by 20%. Most of the 559 students complied with requests to not copy, print, or save questions nor use web resources; about 1% did copy some question text and around 2% frequently used other windows or applications while completing the assessment.

Bonham, Scott W.

2008-09-24

86

A Security Mechanism of Web Services-Based Communication for Wind Power Plants  

Microsoft Academic Search

The IEC 61400-25 standard has defined the mapping of wind power-plant information model to Web services (WS). Ensuring the security of WS-based communication for wind power plants is an unsolved problem. WS-security is a standard used to deal with the security requirements in applications of Web services, while the username\\/password and X.509 certificates are security tokens most commonly used in

Nian Liu; Jianhua Zhang; Wenxia Liu

2008-01-01

87

Research and Realization of WEB Security Auto-Testing Tool Based on AHP  

Microsoft Academic Search

In the process of software production, testing is the premise to guarantee the quality of software. With the extensive application of network software, Web security test has become a key point that can not neglect. Based on the Analytic Hierarchy Process (AHP) algorithm, a new kind of Web security testing programme was introduced in this paper. According to which it

Rihong Wang; Ying Xu; Ying Xiang

2010-01-01

88

Engineering Web Applications for Reuse  

Microsoft Academic Search

In this paper we present Web design frameworks as a conceptual approach to maximize reuse in Web applications. We first analyze the current state of the art of Web applications design, stating the need for an approach that clearly separates concerns (conceptual, navigational, interface). We briefly introduce the OOHDM approach for Web applications design. We next focus on the problem

Daniel Schwabe; Luiselena Esmeraldo; Gustavo Rossi; Fernando Lyardet

2001-01-01

89

Designing personalized web applications  

Microsoft Academic Search

The goal of this paper is to argue the need to approach the personalization issues in Web applications from the very beginning in the application's development cycle. Since personalization is a critical aspect in many popular domains such as e-commerce, it important enough that it should be dealt with through a design view, rather than only an implementation view (which

Gustavo Rossi; Daniel Schwabe; Robson Guimarães

2001-01-01

90

A Metrics Framework to Drive Application Security Improvement  

Microsoft Academic Search

Web applications' functionality and user base have evolved along with the threat landscape. Although controls such as network firewalls are essential, they're wholly insufficient for providing overall Web application security. They provide security for underlying hosts and a means of communication, but do little to aid the application resist attack against its software implementation or design. Enterprises must therefore focus

Elizabeth A. Nichols; Gunnar Peterson

2007-01-01

91

Bridging the gap between web application firewalls and web applications  

Microsoft Academic Search

Web applications are the Achilles heel of our current ICT in- frastructure. NIST's national vulnerability database clearly shows that the percentage of vulnerabilities located in the application layer increases steadily. Web Application Fire- walls (WAFs) play an important role in preventing exploita- tion of vulnerabilities in web applications. However, WAFs are very pragmatic and ad hoc, and it is very

Lieven Desmet; Frank Piessens; Wouter Joosen; Pierre Verbaeten

2006-01-01

92

Factsheets Web Application  

SciTech Connect

The Factsheets web application was conceived out of the requirement to create, update, publish, and maintain a web site with dynamic research and development (R and D) content. Before creating the site, a requirements discovery process was done in order to accurately capture the purpose and functionality of the site. One of the high priority requirements for the site would be that no specialized training in web page authoring would be necessary. All functions of uploading, creation, and editing of factsheets needed to be accomplished by entering data directly into web form screens generated by the application. Another important requirement of the site was to allow for access to the factsheet web pages and data via the internal Sandia Restricted Network and Sandia Open Network based on the status of the input data. Important to the owners of the web site would be to allow the published factsheets to be accessible to all personnel within the department whether or not the sheets had completed the formal Review and Approval (R and A) process. Once the factsheets had gone through the formal review and approval process, they could then be published both internally and externally based on their individual publication status. An extended requirement and feature of the site would be to provide a keyword search capability to search through the factsheets. Also, since the site currently resides on both the internal and external networks, it would need to be registered with the Sandia search engines in order to allow access to the content of the site by the search engines. To date, all of the above requirements and features have been created and implemented in the Factsheet web application. These have been accomplished by the use of flat text databases, which are discussed in greater detail later in this paper.

VIGIL,FRANK; REEDER,ROXANA G.

2000-10-30

93

Dragnet? No, Internet! Campus Security on the Web.  

ERIC Educational Resources Information Center

Examines college campus security's use of an Internet Web page to better inform its students and enhance campus law enforcement. The University of Richmond security Web site is provided as an example of how an interactive security system works. It notes that this system is available free to campus law enforcement agencies able to satisfy certain…

Fickes, Michael

1998-01-01

94

Environment-Driven Threats Elicitation for Web Applications  

Microsoft Academic Search

\\u000a The popularity and complexity of web application present challenges to the security implementation for web engineering. Threat\\u000a elicitation is an indispensable step for developers to identify the possible threats to the web applications in the early\\u000a phase of software development. In this context, a novel approach is proposed to ease the threats elicitation for web application\\u000a by using a defined

Hui Guan; Weiru Chen; Lin Liu; Hongji Yang

95

Unified Approach to Vulnerability Analysis of Web Applications  

NASA Astrophysics Data System (ADS)

Web vulnerabilities in web-based applications may be detected, classified and documented. Several Web scanners exist for vulnerabilities in Web applications implemented via different technologies. However, none of them provides the technology-independent, generic coverage of possible vulnerabilities. In this project that is funded by Mindef Singapore, we propose a new approach for Web application security and vulnerability analysis. The design addresses the categorization of scanner results with a generic data model and the design of a language-independent rule-based engine that detects, analyses and reports suspected vulnerabilities in web-based applications.

Le, H. T.; Loh, P. K. K.

2008-11-01

96

75 FR 47320 - Millington Securities, Inc., et al.; Notice of Application  

Federal Register 2010, 2011, 2012, 2013

...Secretary, Securities and Exchange...o Millington Securities, Inc., 222...summary of the application. The complete application may be obtained...Commission's Web site by searching...registered under the Securities Exchange...

2010-08-05

97

Toward an Integrated System for Command and Control Net-Centric Web Services and Sustainment: Application to Homland Security.  

National Technical Information Service (NTIS)

This paper describes the architecture and requirements of an integrated system that is needed to support the command-and-control requirements of the Department of Homeland Security during crisis prevention, disaster relief, and other critical operations. ...

J. Waters K. Adams M. G. Ceruti S. F. Lehan S. H. Rubin

2010-01-01

98

Implementing Open Authentication for Web Services with a Secure Memory Card  

Microsoft Academic Search

Open authentication protocols have become a standard solution to allow interfacing of third-party applications and websites. This paper presents a rationale for the use of secure memory cards with NFC-enabled service. A software application prototype is presented to show how a secure memory card can provide a portable authentication module to access web services. The prototype shows that it is

Aki-Petteri Leinonen; Tuomo Tuikka; Erkki Siira

2012-01-01

99

Bypass Testing of Web Applications  

Microsoft Academic Search

Web software applications are increasingly being de- ployed in sensitive situations. Web applications are used to transmit, accept and store data that is personal, com- pany confidential and sensitive. Input validation testing (IVT) checks user inputs to ensure that they conform to the program's requirements, which is particularly im- portant for software that relies on user inputs, includ- ing Web

Jeff Offutt; Ye. Wu; Xiaochen Du; Hong Huang

2004-01-01

100

Statistical testing of Web applications  

Microsoft Academic Search

The World Wide Web, initially intended as a way to publish static hypertexts on the Internet, is moving toward complex applications. Static Web sites are being gradually replaced by dynamic sites, where information is stored in databases and non-trivial computation is performed.In such a scenario, ensuring the quality of a Web application from the user's perspective is crucial. Techniques are

Paolo Tonella; Filippo Ricca

2004-01-01

101

Assessing and Exploiting Web Applications with the Open-Source Samurai Web Testing Framework  

Microsoft Academic Search

\\u000a The Samurai Web Testing Framework (WTF) is an open-source LiveCD based on Ubuntu and focused on web application security testing.\\u000a It includes an extensive collection of pre-installed and pre-configured top penetration testing and security analysis tools,\\u000a becoming the perfect environment for assessing and exploiting web applications. The tools categorization guides the analyst\\u000a through the web-app penetration testing methodology, from reconnaissance,

Raul Siles

102

Application Security Automation  

ERIC Educational Resources Information Center

With today's high demand for online applications and services running on the Internet, software has become a vital component in our lives. With every revolutionary technology comes challenges unique to its characteristics; for online applications, security is one huge concern and challenge. Currently, there are several schemes that address…

Malaika, Majid A.

2011-01-01

103

Test SQL injection vulnerabilities in web applications based on structure matching  

Microsoft Academic Search

SQL injection, known as a popular attack against web applications, has become a serious security risk. However, traditional penetration test methods are insufficient to test SQL injection vulnerabilities (SQLIVs) in web applications. This paper presents a new test method called SMART, which automatically tests SQLIVs in web applications. SMART analyzes the SQL queries generated by web applications and uses a

Haiyan Wu; Guozhu Gao; chunyu Miao

2011-01-01

104

FPA Depot - Web Application  

NASA Technical Reports Server (NTRS)

Lines of code (LOC) analysis is one of the methods used to measure programmer productivity and estimate schedules of programming projects. The Launch Control System (LCS) had previously used this method to estimate the amount of work and to plan development efforts. The disadvantage of using LOC as a measure of effort is that one can only measure 30% to 35% of the total effort of software projects involves coding [8]. In the application, instead of using the LOC we are using function point for a better estimation of hours in each software to develop. Because of these disadvantages, Jamie Szafran of the System Software Branch of Control And Data Systems (NE-C3) at Kennedy Space Canter developed a web application called Function Point Analysis (FPA) Depot. The objective of this web application is that the LCS software architecture team can use the data to more accurately estimate the effort required to implement customer requirements. This paper describes the evolution of the domain model used for function point analysis as project managers continually strive to generate more accurate estimates.

Avila, Edwin M. Martinez; Muniz, Ricardo; Szafran, Jamie; Dalton, Adam

2011-01-01

105

WAFA: Fine-grained dynamic analysis of web applications  

Microsoft Academic Search

Database interactions are a vital source of information in the analysis of highly dynamic systems such as web applications. Most web application security vulnerabilities, such as SQL injection and broken access control, can be traced to problems in database interactions. which are implemented as a set of embedded or constructed SQL statements. The identification and analysis of these embedded statements

Manar H. Alalfi; James R. Cordy; Thomas R. Dean

2009-01-01

106

Web Application Model Recovery for User Input Validation Testing  

Microsoft Academic Search

Abstract The invalidated input is one of the most critical web application security flaws. However, testing the user input validation function is an ,intellectual and labor intensive task. We are ,developing a model ,driven framework to help testers to accomplish this job in visual view with guidance. This paper reports our on-going work. A meta-model of Web application for user

Nuo Li; Mao-zhong Jin; Chao Liu

2007-01-01

107

Next Generation Semantic Web Applications  

Microsoft Academic Search

In this short paper, we examine current Semantic Web application and we highlight what we see as a shift away from first generation Semantic Web applications, towards a new generation of applications, designed to exploit the large amounts of heterogeneous semantic markup, which are increasingly becoming available. Our analysis aims both to highlight the main features that can be used

Enrico Motta; Marta Sabou

2006-01-01

108

Web Applications With Django  

Microsoft Academic Search

\\u000a Django is a modern Python web framework that redefined web development in the Python world. A fullstack approach, pragmatic\\u000a design, and superb documentation are some of the reasons for its success.

Josh Juneau; Jim Baker; Victor Ng; Leo Soto; Frank Wierzbicki

109

Reliability, Compliance, and Security in Web-Based Course Assessments  

ERIC Educational Resources Information Center

Pre- and postcourse assessment has become a very important tool for education research in physics and other areas. The web offers an attractive alternative to in-class paper administration, but concerns about web-based administration include reliability due to changes in medium, student compliance rates, and test security, both question leakage…

Bonham, Scott

2008-01-01

110

Integrating elliptic curve cryptography into the web's security infrastructure  

Microsoft Academic Search

RSA is the most popular public-key cryptosystem on the Web today but long-term trends such as the proliferation of smaller, simpler devices and increasing security needs will make continued reliance on RSA more challenging over time. We offer Elliptic Curve Cryptography (ECC) as a suitable alternative and describe our integration of this technology into several key components of the Web's

Vipul Gupta; Douglas Stebila; Sheueling Chang Shantz

2004-01-01

111

Rigorous and Automatic Testing of Web Applications  

Microsoft Academic Search

As web applications become more and more prevalent, the quality assurance of web applications has become more and more important. Due to the complexity of the underlying technologies of web ap- plications, it is more challenging to test web applica- tions than conventional software. It is critical to de- velop eective methodologies and tools for testing web applications. In this

Xiaoping Jia; Hongming Liu

2002-01-01

112

A WEB-BASED PORTAL FOR INFORMATION SECURITY EDUCATION  

Microsoft Academic Search

Today's organizations have become so dependant on information resources that even the effects of a single information security incident could be devastating. Increasing Information Security awareness is the most cost- effective control that an organization can implement. However, most organizations do not have the necessary financial or knowledge resources needed for a comprehensive awareness education program. A web-based portal acting

JOHAN VAN NIEKERK; ROSSOUW VON SOLMS

113

Secure, Autonomous, Intelligent Controller for Integrating Distributed Sensor Webs  

NASA Technical Reports Server (NTRS)

This paper describes the infrastructure and protocols necessary to enable near-real-time commanding, access to space-based assets, and the secure interoperation between sensor webs owned and controlled by various entities. Select terrestrial and aeronautics-base sensor webs will be used to demonstrate time-critical interoperability between integrated, intelligent sensor webs both terrestrial and between terrestrial and space-based assets. For this work, a Secure, Autonomous, Intelligent Controller and knowledge generation unit is implemented using Virtual Mission Operation Center technology.

Ivancic, William D.

2007-01-01

114

Security Encryption Scheme for Communication of Web Based Control Systems  

NASA Astrophysics Data System (ADS)

A control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network Since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Control Systems through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

Robles, Rosslin John; Kim, Tai-Hoon

115

Secure password-based authenticated key exchange for web services  

SciTech Connect

This paper discusses an implementation of an authenticated key-exchange method rendered on message primitives defined in the WS-Trust and WS-SecureConversation specifications. This IEEE-specified cryptographic method (AuthA) is proven-secure for password-based authentication and key exchange, while the WS-Trust and WS-Secure Conversation are emerging Web Services Security specifications that extend the WS-Security specification. A prototype of the presented protocol is integrated in the WSRF-compliant Globus Toolkit V4. Further hardening of the implementation is expected to result in a version that will be shipped with future Globus Toolkit releases. This could help to address the current unavailability of decent shared-secret-based authentication options in the Web Services and Grid world. Future work will be to integrate One-Time-Password (OTP) features in the authentication protocol.

Liang, Fang; Meder, Samuel; Chevassut, Olivier; Siebenlist, Frank

2004-11-22

116

Security Data Warehouse Application  

NASA Technical Reports Server (NTRS)

The Security Data Warehouse (SDW) is used to aggregate and correlate all JSC IT security data. This includes IT asset inventory such as operating systems and patch levels, users, user logins, remote access dial-in and VPN, and vulnerability tracking and reporting. The correlation of this data allows for an integrated understanding of current security issues and systems by providing this data in a format that associates it to an individual host. The cornerstone of the SDW is its unique host-mapping algorithm that has undergone extensive field tests, and provides a high degree of accuracy. The algorithm comprises two parts. The first part employs fuzzy logic to derive a best-guess host assignment using incomplete sensor data. The second part is logic to identify and correct errors in the database, based on subsequent, more complete data. Host records are automatically split or merged, as appropriate. The process had to be refined and thoroughly tested before the SDW deployment was feasible. Complexity was increased by adding the dimension of time. The SDW correlates all data with its relationship to time. This lends support to forensic investigations, audits, and overall situational awareness. Another important feature of the SDW architecture is that all of the underlying complexities of the data model and host-mapping algorithm are encapsulated in an easy-to-use and understandable Perl language Application Programming Interface (API). This allows the SDW to be quickly augmented with additional sensors using minimal coding and testing. It also supports rapid generation of ad hoc reports and integration with other information systems.

Vernon, Lynn R.; Hennan, Robert; Ortiz, Chris; Gonzalez, Steve; Roane, John

2012-01-01

117

How to Shop for Free Online -- Security Analysis of Cashier-as-a-Service Based Web Stores  

Microsoft Academic Search

Web applications increasingly integrate third-party services. The integration introduces new security challenges due to the complexity for an application to coordinate its internal states with those of the component services and the web client across the Internet. In this paper, we study the security implications of this problem to merchant websites that accept payments through third-party cashiers (e.g., PayPal, Amazon

Rui Wang; Shuo Chen; XiaoFeng Wang; Shaz Qadeer

2011-01-01

118

FUZZY KEYSTROKE BIOMETRICS ON WEB SECURITY  

Microsoft Academic Search

BioWeb has two different parts: the client side and the server side. The client part consists of DHTML pages and the browser. The browser was a common navigator (Netscape). The system simulates a website with a UserId\\/Password to control the access to it; indeed BioWeb has several features as the capability of register new users, simulate a login, and the

Marino Tapiador; Juan A. Sigüenza

119

Prevention of Cross-Site Scripting Attacks on Current Web Applications  

Microsoft Academic Search

Security is becoming one of the major concerns for web applications and other Internet based services, which are becoming pervasive in all kinds of business models and organizations. Web applications must therefore include, in addition to the expected value offered to their users, relia ble mechanisms to en- sure their security. In this paper, we focus on the specific pr

Joaquín García-alfaro; Guillermo Navarro-arribas

2007-01-01

120

Pixy: A static analysis tool for detecting Web application vulnerabilities  

Microsoft Academic Search

Abstract The number,and the importance of Web applications have increased rapidly over the last years. At the same time, the quantity and impact of security vulnerabilities in such applications have grown as well. Since manual code reviews are time-consuming, error-prone and costly, the need for automated solutions has become evident. In this paper, we address the problem of vulnerable Web

N. Jovanovic; C. Kruegel; E. Kirda

2006-01-01

121

Simple Web Applications  

Microsoft Academic Search

\\u000a One of the major benefits of using Jython is the ability to make use of Java platform capabilities programming in the Python\\u000a programming language instead of Java. In the Java world today, the most widely used web development technique is the Java\\u000a servlet. Now in JavaEE, there are techniques and frameworks used so that we can essentially code HTML or

Josh Juneau; Jim Baker; Victor Ng; Leo Soto; Frank Wierzbicki

122

Process modeling in Web applications  

Microsoft Academic Search

While Web applications evolve towards ubiquitous, enterprise-wide or multi- enterprise informa- tion systems, they face new requirements, such as the capability of managing complex processes spanning multiple users and organizations, by interconnecting software provided by dieren t or- ganizations. Signican t eorts are currently being invested in application integration, to support the composition of business processes of dieren t companies,

Marco Brambilla; Stefano Ceri; Piero Fraternali; Ioana Manolescu

2006-01-01

123

Project Assessment Skills Web Application  

NASA Technical Reports Server (NTRS)

The purpose of this project is to utilize Ruby on Rails to create a web application that will replace a spreadsheet keeping track of training courses and tasks. The goal is to create a fast and easy to use web application that will allow users to track progress on training courses. This application will allow users to update and keep track of all of the training required of them. The training courses will be organized by group and by user, making readability easier. This will also allow group leads and administrators to get a sense of how everyone is progressing in training. Currently, updating and finding information from this spreadsheet is a long and tedious task. By upgrading to a web application, finding and updating information will be easier than ever as well as adding new training courses and tasks. Accessing this data will be much easier in that users just have to go to a website and log in with NDC credentials rather than request the relevant spreadsheet from the holder. In addition to Ruby on Rails, I will be using JavaScript, CSS, and jQuery to help add functionality and ease of use to my web application. This web application will include a number of features that will help update and track progress on training. For example, one feature will be to track progress of a whole group of users to be able to see how the group as a whole is progressing. Another feature will be to assign tasks to either a user or a group of users. All of these together will create a user friendly and functional web application.

Goff, Samuel J.

2013-01-01

124

A Web-Based Portal For Information Security Education  

Microsoft Academic Search

Abstract:,Today’s organizations have become ,so dependant ,on information ,resources that even ,the effects of a ,single information ,security incident could be devastating. Increasing Information Security awareness ,is the ,most ,costeffective control that an organization can implement. However, most organizations do not ,have the necessary financial or knowledge ,resources needed,for a comprehensive ,awareness ,education ,program. A web-based portal acting as a

Johan Van Niekerk

2002-01-01

125

Secure, web-accessible call rosters for academic radiology departments.  

PubMed

Traditionally, radiology department call rosters have been posted via paper and bulletin boards. Frequently, changes to these lists are made by multiple people independently, but often not synchronized, resulting in confusion among the house staff and technical staff as to who is on call and when. In addition, multiple and disparate copies exist in different sections of the department, and changes made would not be propagated to all the schedules. To eliminate such difficulties, a paperless call scheduling application was developed. Our call scheduling program allowed Java-enabled web access to a database by designated personnel from each radiology section who have privileges to make the necessary changes. Once a person made a change, everyone accessing the database would see the modification. This eliminates the chaos resulting from people swapping shifts at the last minute and not having the time to record or broadcast the change. Furthermore, all changes to the database were logged. Users are given a log-in name and password and can only edit their section; however, all personnel have access to all sections' schedules. Our applet was written in Java 2 using the latest technology in database access. We access our Interbase database through the DataExpress and DB Swing (Borland, Scotts Valley, CA) components. The result is secure access to the call rosters via the web. There are many advantages to the web-enabled access, mainly the ability for people to make changes and have the changes recorded and propagated in a single virtual location and available to all who need to know. PMID:10847414

Nguyen, A V; Tellis, W M; Avrin, D E

2000-05-01

126

Web Security and Online Identity Theft  

NSDL National Science Digital Library

This lecture describes the phishing problem, which involves deceptive email and malicious web sites that steal user passwords, and examines several current defenses against phishing attacks. The defenses developed by TRUST researchers include browser extensions that detect malicious web sites, create customized "hashed" passwords, leverage user-chosen images to identify servers, and modify browser cache and history behavior to prevent targeted phishing attacks. The lecturer will also describe the sobering results of user studies that examine why users are fooled by phishing, and consider what must be done in the future to help non-technical computer users understand the threats they face in today's networked computing environment.

Mitchell, John

2009-02-17

127

Sound and precise analysis of web applications for injection vulnerabilities  

Microsoft Academic Search

Web applications are popular targets of security attacks. One com- mon type of such attacks is SQL injection, where an attacker exploits faulty application code to execute maliciously cr afted database queries. Both static and dynamic approaches have been proposed to detect or prevent SQL injections; while dynamic approaches provide protection for deployed software, static ap- proaches can detect potential

Gary Wassermann; Zhendong Su

2007-01-01

128

A Static Analysis Tool for Detecting Web Application Injection Vulnerabilities for ASP Program  

Microsoft Academic Search

Publicly reported vulnerability in recent years strong growth of the Web Application , Cross-site scripting (XSS) and SQL injection have been the most dominant class of web vulnerabilities, Web application security has been a great challenge. For the case, the static analysis tools ASPWC presented in this paper to detect XSS attacks and SQL injection vulnerabilities based on taint analysis,

Xin-hua Zhang; Zhi-jian Wang

2010-01-01

129

Session management for web-based healthcare applications.  

PubMed

In health care systems, users may access multiple applications during one session of interaction with the system. However, users must sign on to each application individually, and it is difficult to maintain a common context among these applications. We are developing a session management system for web-based applications using LDAP directory service, which will allow single sign-on to multiple web-based applications, and maintain a common context among those applications for the user. This paper discusses the motivations for building this system, the system architecture, and the challenges of our approach, such as the session objects management for the user, and session security. PMID:10566511

Wei, L; Sengupta, S

1999-01-01

130

Measuring Web Application Quality with WebQEM  

Microsoft Academic Search

This article discusses using WebQEM, a quantitative evaluation strategy to assess Web site and application quality. Defining and measuring quality indicators can help stakeholders understand and improve Web products. An e-commerce case study illustrates the methodology's utility in systematically assessing attributes that influence product quality

Luis Olsina; Gustavo Rossi

2002-01-01

131

Web Services security in data service delivery platform for telecom  

Microsoft Academic Search

The major requests for telecom network are efficiency, security, and reliability of service. Data service, running on the telecom network, is a most prominent revenue source for telecom operators. But traditional interface for data service delivery platform cannot completely meet these requirements. Web services, as a promising distributed computing technology, is regarded as the best candidate to design these interfaces.

Xiulan Yu; Xiaoyan Chen; Xing Fang; Xiaocheng Ding; Bin Zhou; Bing Wei

2004-01-01

132

Architecture recovery of web applications  

Microsoft Academic Search

Web applications are the legacy software of the future. Developed under tight schedules, with high employee turn over, and in a rapidly evolving environment, these systems are often poorly structured and poorly documented. Maintaining such systems is problematic.This paper presents an approach to recover the architecture of such systems, in order to make maintenance more manageable. Our lightweight approach is

Ahmed E. Hassan; Richard C. Holt

2002-01-01

133

An extended XACML model to ensure secure information access for web services  

Microsoft Academic Search

More and more software systems based on web services have been developed. Web service development techniques are thus becoming crucial. To ensure secure information access, access control should be taken into consideration when developing web services. This paper proposes an extended XACML model named EXACML to ensure secure information access for web services. It is based on the technique of

Shih-chien Chou; Chun-hao Huang

2010-01-01

134

Process Modeling in Web Applications  

Microsoft Academic Search

While Web applications evolve towards ubiquitous, enterprise-wide or multi-enterprise informa-tion systems, they face new requirements, such as the capability of managing complex processes spanning multiple users and organizations, by interconnecting software provided by di erent or-ganizations. Signi cant e orts are currently being invested in application integration, to support the composition of business processes of di erent companies, so as

Stefano Ceri

2005-01-01

135

Quality Attributes of Web Software Applications  

Microsoft Academic Search

Web applications have very high requirements for numerous quality attributes. This article discusses some of the technological challenges of building today's complex Web software applications, their unique quality requirements, and how to achieve them

A. Jefferson Offutt

2002-01-01

136

77 FR 50184 - Miami International Securities Exchange, LLC; Notice of Filing of Application for Registration as...  

Federal Register 2010, 2011, 2012, 2013

...Rule 517. \\7\\ If its application ultimately is approved...including whether the application is consistent with the...Murphy, Secretary, Securities and Exchange Commission...Commission's Internet Web site (http://www...communications relating to the application between the...

2012-08-20

137

THz quasioptics applications in security  

Microsoft Academic Search

Recent developments in active millimeter\\/THz waves high-quality 3D real-time imaging for security applications are discussed. Such type of imaging systems affords a compact, simple, fast and relatively low-cost system.

Igor V. Minin; Oleg V. Minin

2006-01-01

138

MedlinePlus Connect: Web Application  

MedlinePLUS

MedlinePlus Connect: Web Application To use the sharing features on this page, please enable JavaScript. MedlinePlus Connect is available as a ... please see our guidelines and instructions on linking. Web Application Overview The API for the Web application ...

139

Extending Desktop Applications to the Web  

Microsoft Academic Search

Web applications have become the major means to allow ubiquitous access to backend systems via a web browser. Several technologies such as JSP, ASP.NET, or Java Server Faces exist today that help in developing web applications. These technologies do not support the migration of existing legacy desktop applications written with a GUI class library such as Swing, Qt, or GTK

Arno Puder

2001-01-01

140

Reusable aspect components for web applications  

Microsoft Academic Search

Reusability is important especially in Web application development because Web applications tend to be rapidly developed and frequently modified. There are several studies to improve the reusability by adapting modular techniques in software engineering. However, the reusability brought by previous studies is restricted to limited Web applications because the techniques are deeply depended on the specific framework or architecture. In

Keiji Hokamura; Naoyasu Ubayashi; Shin Nakajima; Akihito Iwai

2010-01-01

141

Social Web mining and exploitation for serious applications: Technosocial Predictive Analytics and related technologies for public health, environmental and national security surveillance  

Microsoft Academic Search

This paper explores Technosocial Predictive Analytics (TPA) and related methods for Web “data mining” where users’ posts and queries are garnered from Social Web (“Web 2.0”) tools such as blogs, micro-blogging and social networking sites to form coherent representations of real-time health events. The paper includes a brief introduction to commonly used Social Web tools such as mashups and aggregators,

Maged N. Kamel Boulos; Antonio P. Sanfilippo; Courtney D. Corley; Steve Wheeler

2010-01-01

142

Social Security Online: The Official Web Site of the Social Security Administration  

NSDL National Science Digital Library

Social Security Online: The Official Web Site of the Social Security Administration provides information on the agency's history, goals, budget, services, laws and regulations, as well as statistical data and research. The site provides consumers with information about retirement and disability benefits, forms, answers to frequently asked questions, and instructions and directories that will help those interested in contacting the agency. Employers will find information on wage reporting, tax guides, and employee handouts. Consumers who have a web browser that supports Secure Sockets Layer (SSL) can file an electronic request for Personal Earnings and Benefit Estimate statement; however, as reported in the May 23, 1997 Scout Report, for security reasons the SSA no longer sends the statement online.

1994-01-01

143

SAMP: Application Messaging for Desktop and Web Applications  

NASA Astrophysics Data System (ADS)

SAMP, the Simple Application Messaging Protocol, is a technology which allows tools to communicate. It is deployed in a number of desktop astronomy applications including ds9, Aladin, TOPCAT, World Wide Telescope and numerous others, and makes it straightforward for a user to treat a selection of these tools as a loosely-integrated suite, combining the most powerful features of each. It has been widely used within Virtual Observatory contexts, but is equally suitable for non-VO use. Enabling SAMP communication from web-based content has long been desirable. An obvious use case is arranging for a click on a web page link to deliver an image, table or spectrum to a desktop viewer, but more sophisticated two-way interaction with rich internet applications would also be possible. Use from the web however presents some problems related to browser sandboxing. We explain how the SAMP Web Profile, introduced in version 1.3 of the SAMP protocol, addresses these issues, and discuss the resulting security implications.

Taylor, M. B.; Boch, T.; Fay, J.; Fitzpatrick, M.; Paioro, L.

2012-09-01

144

Testing Web applications by modeling with FSMs  

Microsoft Academic Search

Researchers and practitioners are still trying to nd eective ways to model and test Web applications. This paper proposes a system-level testing technique that combines test generation based on nite state machines with constraints. We use a hierarchical approach to model potentially large Web applications. The approach builds hierarchies of Finite State Machines (FSMs) that model subsystems of the Web

Anneliese Amschler Andrews; Jeff Offutt; Roger T. Alexander

2005-01-01

145

A Survey on Detection Techniques to Prevent Cross-Site Scripting Attacks on Current Web Applications  

Microsoft Academic Search

Security is becoming one of the major concerns for web applications and other Internet based services, which are becoming pervasive in all kinds of business models, organizations, and so on. Moreover, critical systems such as those related to health care, banking, or even emergency response, are relying on such applications and services. Web applications must therefore include, in addition to

Joaquín García-Alfaro; Guillermo Navarro-Arribas

2007-01-01

146

Security seal. [Patent application  

DOEpatents

Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to fingerprints are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

Gobeli, G.W.

1981-11-17

147

Building Rich Web Applications with Ajax  

Microsoft Academic Search

Looks at how developers are going back to the future by building Web applications using Ajax (Asynchronous JavaScript and XML), a set of technologies mostly developed in the 1990s. A key advantage of Ajax applications is that they look and act more like desktop applications. Proponents argue that Ajax applications perform better than traditional Web programs. As an example, Ajax

Linda Dailey Paulson

2005-01-01

148

Social Web mining and exploitation for serious applications: Technosocial Predictive Analytics and related technologies for public health, environmental and national security surveillance  

SciTech Connect

This paper explores techno-social predictive analytics (TPA) and related methods for Web “data mining” where users’ posts and queries are garnered from Social Web (“Web 2.0”) tools such as blogs, microblogging and social networking sites to form coherent representations of real-time health events. The paper includes a brief introduction to commonly used Social Web tools such as mashups and aggregators, and maps their exponential growth as an open architecture of participation for the masses and an emerging way to gain insight about people’s collective health status of whole populations. Several health related tool examples are described and demonstrated as practical means through which health professionals might create clear location specific pictures of epidemiological data such as flu outbreaks.

Kamel Boulos, Maged; Sanfilippo, Antonio P.; Corley, Courtney D.; Wheeler, Steve

2010-03-17

149

Social Web mining and exploitation for serious applications: Technosocial Predictive Analytics and related technologies for public health, environmental and national security surveillance.  

PubMed

This paper explores Technosocial Predictive Analytics (TPA) and related methods for Web "data mining" where users' posts and queries are garnered from Social Web ("Web 2.0") tools such as blogs, micro-blogging and social networking sites to form coherent representations of real-time health events. The paper includes a brief introduction to commonly used Social Web tools such as mashups and aggregators, and maps their exponential growth as an open architecture of participation for the masses and an emerging way to gain insight about people's collective health status of whole populations. Several health related tool examples are described and demonstrated as practical means through which health professionals might create clear location specific pictures of epidemiological data such as flu outbreaks. PMID:20236725

Kamel Boulos, Maged N; Sanfilippo, Antonio P; Corley, Courtney D; Wheeler, Steve

2010-10-01

150

The automated web application testing (AWAT) system  

Microsoft Academic Search

In this paper we propose an Automated Web application Testing (AWAT) system which can be used by instructors to effectively evaluate student web programming projects automatically based on the test cases specified on Excel. The AWAT is driven by WATIR and simulates the actions of human testers to extract information from Web pages, and verify expected outcome based on the

Mate' Sztipanovits; Kai Qian; Xiang Fu

2008-01-01

151

Object-Based Data Flow Testing of Web Applications  

Microsoft Academic Search

Recently, the extraordinary growth in the World Wide Web has been sweeping through business and industry. Many companies have developed or integrated their mis- sion-critical applications using Web technologies. As Web applications become complex, testing Web applications becomes crucial. This paper extends traditional data flow testing techniques to Web applications. Several data flow issues for analyzing HTML documents in Web

Chien-hung Liu; David Chenho Kung; Pei Hsia; Chih-tung Hsu

2000-01-01

152

Cohesive Design of Personalized Web Applications  

Microsoft Academic Search

Good software engineering practices, such as separating concerns and identifying patterns, simplify the critical design decisions in building personalized Web applications. The authors use the object-oriented hypermedia design method (OOHDM) for constructing customized Web applications. Incorporating well-known object-oriented design structures and techniques, OOHDM produces flexible Web application models. Designers can add personalized behavior to these models with minimal code manipulation,

Daniel Schwabe; Robson Mattos Guimarães; Gustavo Rossi

2002-01-01

153

Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Technical Report)  

Microsoft Academic Search

The number and the importance of Web applications have increased rapidly over the last years. At the same time, the quantity and impact of security vulnerabilities in such applications have grown as well. Since manual code reviews are time-consuming, error-prone and costly, the need for automated solutions has become evident. In this paper, we address the problem of vulnerable Web

Nenad Jovanovic; Christopher Kruegel; Engin Kirda

154

78 FR 26407 - Notice of an Application of W2007 Grace Acquisition I, Inc. Under Section 12(h) of the Securities...  

Federal Register 2010, 2011, 2012, 2013

...W2007 Grace's securities; (3) the...W2007 Grace's application, which is...Commission's Internet Web site at http...shtml and for Web site viewing...bearing on the application or the desirability...Secretary, Securities and Exchange...Commission's Internet Web site (http...respect to the application filed...

2013-05-06

155

Specification framework for engineering adaptive web applications  

Microsoft Academic Search

The growing demand for data-driven Web applications has led to the need for a structured and con- trolled approach to the engineering of such applications. Both designers and developers need a framework that in all stages of the engineering process allows them to specify the relevant aspects of the applica- tion. This paper concentrates on Web applications that automatically generate

Flavius Frasincar; Geert-Jan Houben; R Vdovják

2002-01-01

156

Integrating Application Programs for Bioinformatics Using a Web Browser.  

PubMed

We have constructed a general framework for integrating application programs with control through a local Web browser. This method is based on a simple inter-process message function from an external process to application programs. Commands to a target program are prepared in a script file, which is parsed by a message dispatcher program. When it is used as a helper application to a Web browser, these messages will be sent from the browser by clicking a hyper-link in a Web document. Our framework also supports pluggable extension-modules for application programs by means of dynamic linking. A prototype system is implemented on our molecular structure-viewer program, MOSBY. It successfully featured a function to load an extension-module required for the docking study of molecular fragments from a Web page. Our simple framework facilitates the concise configuration of Web softwares without complicated knowledge on network computation and security issues. It is also applicable for a wide range of network computations processing private data using a Web browser. PMID:11072353

Ueno; Asai; Arita

1999-01-01

157

An Object-Oriented Web Test Model for Testing Web Applications  

Microsoft Academic Search

In recent years, Web applications have grown rapidly. As Web applications become complex, there is a growing concern about their quality and reliability. In this paper we present a methodology that uses an object-oriented Web Test Model (WTM) to support Web application testing. The test model captures both structural and behavioral test artifacts of Web applications and represents the artifacts

David Chenho Kung; Chien-hung Liu; Pei Hsia

2000-01-01

158

Bridging the Gap Between Web Application Firewalls and Web Applications: Extended Abstract  

Microsoft Academic Search

Web applications are the Achilles heel of our current ICT infrastruc- ture. NIST's national vulnerability database clearly shows that the perce ntage of vulnerabilities located in the application layer increases steadily. Web Applica- tion Firewalls (WAFs) play an important role in preventing exploitation of vul- nerabilities in web applications. However, WAFs are very pragmatic and ad hoc, and it is

Lieven Desmet; Frank Piessens; Wouter Joosen; Pierre Verbaeten

159

Using the Web Graph to influence application behaviour  

Microsoft Academic Search

The Web's link structure (termed the Web Graph) is a richly connected set of Web pages. Current applications use this graph for indexing and information retrieval purposes. In contrast the relationship between Web Graph and application is reversed by letting the structure of the Web Graph influence the behaviour of an application. Presents a novel Web crawling agent, AlienBot, the

Michael P. Evans; Andrew Walker

2004-01-01

160

Protection of Web Applications from Cross-Site Scripting Attacks in Browser Side  

Microsoft Academic Search

Cross Site Scripting (XSS) Flaws are currently the most popular security\\u000aproblems in modern web applications. These Flaws make use of vulnerabilities in\\u000athe code of web-applications, resulting in serious consequences, such as theft\\u000aof cookies, passwords and other personal credentials. Cross-Site scripting\\u000aFlaws occur when accessing information in intermediate trusted sites. Client\\u000aside solution acts as a web proxy

K. Selvamani; A. Duraisamy; A. Kannan

2010-01-01

161

Roles in building web applications using Java  

Microsoft Academic Search

In this paper we apply the powerJava model of roles and relationships to a web application programming environment. First we show how the notion of role, as defined in powerJava, combines and automates several aspects which are important in web application programming, and which are now unrelated and dealt with separately and mostly by hand, and thus prone to errors.

Guido Boella; Roberto Grenna; Andrea Cerisara

2009-01-01

162

Web Services: Distributed Applications Without Limits  

Microsoft Academic Search

Abstract: Web services technologyis all about distributed computing. There is no fundamentally new basic ,concept behind this and related technologies. What is really new,is the reach of Web services and its ubiquitous support by literally all major vendors. Most likely, heterogeneity will at the end no longer be an obstruction for distributed applications. This will have impact on application architectures,

Frank Leymann

2003-01-01

163

Web Usage Mining: Discovery and Applications of Usage Patterns from Web Data  

Microsoft Academic Search

Web usage mining is the application of data mining techniques to discover usage patterns from Web data, in order to understand and better serve the needs of Web-based applications. Web usage mining consists of three phases, namely . This paper describes each of these phases in detail. Given its application potential, Web usage mining has seen a rapid increase in

Jaideep Srivastava; Robert Cooley; Mukund Deshpande; Pang-Ning Tan

2000-01-01

164

78 FR 14847 - Topaz Exchange, LLC; Notice of Filing of Application for Registration as a National Securities...  

Federal Register 2010, 2011, 2012, 2013

...Exchange's Form 1 application, including all of the...including whether the application is consistent with the...Murphy, Secretary, Securities and Exchange Commission...Commission's Internet Web site (http://www...communications relating to the application between the...

2013-03-07

165

Web Application Software for Ground Operations Planning Database (GOPDb) Management  

NASA Technical Reports Server (NTRS)

A Web application facilitates collaborative development of the ground operations planning document. This will reduce costs and development time for new programs by incorporating the data governance, access control, and revision tracking of the ground operations planning data. Ground Operations Planning requires the creation and maintenance of detailed timelines and documentation. The GOPDb Web application was created using state-of-the-art Web 2.0 technologies, and was deployed as SaaS (Software as a Service), with an emphasis on data governance and security needs. Application access is managed using two-factor authentication, with data write permissions tied to user roles and responsibilities. Multiple instances of the application can be deployed on a Web server to meet the robust needs for multiple, future programs with minimal additional cost. This innovation features high availability and scalability, with no additional software that needs to be bought or installed. For data governance and security (data quality, management, business process management, and risk management for data handling), the software uses NAMS. No local copy/cloning of data is permitted. Data change log/tracking is addressed, as well as collaboration, work flow, and process standardization. The software provides on-line documentation and detailed Web-based help. There are multiple ways that this software can be deployed on a Web server to meet ground operations planning needs for future programs. The software could be used to support commercial crew ground operations planning, as well as commercial payload/satellite ground operations planning. The application source code and database schema are owned by NASA.

Lanham, Clifton; Kallner, Shawn; Gernand, Jeffrey

2013-01-01

166

Where Did All the Data Go? Internet Security for Web-Based Assessments.  

ERIC Educational Resources Information Center

The purpose of this paper is to enumerate a series of security steps that might be taken by those individuals or organizations that are contemplating Web-based tests and performance assessments. From a security viewpoint, much of what goes on with Web-based transactions is similar to other general computer activity, but the recommendations focus…

Shermis, Mark D.; Averitt, Jason

167

On specifying security policies for web documents with an XML-based language  

Microsoft Academic Search

The rapid growth of the Web and the ease with which data can be accessed facilitate the distribution and sharing of information. Information dissemination often takes the form of documents that are made available at Web servers, or that are actively broadcasted by Web servers to interested clients. In this paper, we present an XML-compliant formalism for specifying security-related information

Elisa Bertino; Silvana Castano; Elena Ferrari

2001-01-01

168

Multimedia Security System for Security and Medical Applications  

ERIC Educational Resources Information Center

This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

Zhou, Yicong

2010-01-01

169

Analysis and testing of Web applications  

Microsoft Academic Search

The economic relevance of Web applications increases the importance of controlling and improving their quality. Moreover, the new available technologies for their development allow the insertion of sophisticated functions, but often leave the developers responsible for their organization and evolution. As a consequence, a high demand is emerging for methodologies and tools for quality assurance of Web based systems.In this

Filippo Ricca; Paolo Tonella

2001-01-01

170

Object-Oriented Web Application Development  

Microsoft Academic Search

abstraction In other words, the component model maintains the developer's view of an application, - from which the Web view is derived incrementally We will briefly describe the component model and the concepts for resource generation (for more - detail, see Gellersen et al ) Then we present a new development, the WebComposition Markup Lan - guage, that implements the

Hans-werner Gellersen; Martin Gaedke

1999-01-01

171

Client\\/Server Web Application Development  

Microsoft Academic Search

Client Side Web Application Development refers to coding in HTML and\\/or scripting languages. When a user opens a web page, which is stored in a server, the file is transferred from the server computer to the client computer and viewed in the client computer. If it consists of scripts, execution of these programs is done in the client computer. In

Mehdi Raoufi; Kimberly Spoa; Zachary Wiggins

172

Semantic-Web Technology: Applications at NASA.  

National Technical Information Service (NTIS)

We provide a description of work at the National Aeronautics and Space Administration (NASA) on building system based on semantic-web concepts and technologies. NASA has been one of the early adopters of semantic-web technologies for practical application...

N. Ashish

2004-01-01

173

VOGCLUSTERS: An Example of DAME Web Application  

NASA Astrophysics Data System (ADS)

We present the alpha release of the VOGCLUSTERS web application, specialized for data and text mining on globular clusters. It is one of the web2.0 technology based services of Data Mining &Exploration (DAME) Program, devoted to mine and explore heterogeneous information related to globular clusters data.

Castellani, M.; Brescia, M.; Mancini, E.; Pellecchia, L.; Longo, G.

2012-07-01

174

Exception handling in workflow-driven Web applications  

Microsoft Academic Search

As the Web becomes a platform for implementing B2B applications, the need arises of Web conceptual models for describing Web oriented workflow applications implementing business processes. In this context, new problems about process correctness arise, due to the loose control of Web applications upon the behavior of their Web clients. Indeed, incoherent user's behavior can lead to inconsistent processes.This paper

Marco Brambilla; Stefano Ceri; Sara Comai; Christina Tziviskou

2005-01-01

175

Access Control of Web- and Java-Based Applications  

NASA Technical Reports Server (NTRS)

Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

Tso, Kam S.; Pajevski, Michael J.

2013-01-01

176

Network and Application Security in Mobile e-Health Applications  

Microsoft Academic Search

\\u000a Different IT applications require different network and application security services. We have been working in the area of\\u000a e-health applications in mobile environments, and we have needed to integrate security services therein. This paper presents\\u000a a specification of such network and application security services for mobile e-health applications and how we have implemented\\u000a them. First, various security threats specific of e-health

Ramon Martí; Jaime Delgado; Xavier Perramon

2004-01-01

177

Intelligent Video for Homeland Security Applications  

Microsoft Academic Search

This paper considers the problem of protecting critical infrastructure and other homeland security initiatives with the application of an intelligent video (IV) system. A systems engineering approach is followed to decompose top level requirements into system functions based on the Department of Homeland Security (DHS) Strategic Plan, The National Strategy for Homeland Security, and the National Infrastructure Protection Plan (NIPP).

A. Nusimow

2007-01-01

178

Mandatory Access Control applications to web hosting  

Microsoft Academic Search

\\u000a “Hosting” represents a commonplace solution for the low-cost implementation of web sites through the efficient sharing of\\u000a the resources of a single server. The arising security problems, however, are not always easily dealt with under the Discretionary\\u000a Access Control model implemented by traditional operating systems. More robust separation between the hosted sites, as well\\u000a as more robust protection of the

Marco Prandini; Eugenio Faldella; Roberto Laschi

2007-01-01

179

Model-driven development of Web Services and hypertext applications  

Microsoft Academic Search

This paper addresses the model-driven development of Web applications that integrate hypertextual navigation, con- tent publishing and management, and interaction with re- mote Web Services. The proposed approach relies on an extension of the Web Modeling Language, a visual nota- tion for the design of data-intensive Web applications, with primitives for capturing various forms of interaction with Web services, including

M. Brambilla; S. Ceri; S. Comai; P. Fraternali; Ioana Manolescu

2003-01-01

180

Dynamic placement for clustered web applications  

Microsoft Academic Search

We introduce and evaluate a middleware clustering technology ca- pable of allocating resources to web applications through dynamic applicationinstanceplacement. Wedefineapplicationinstanceplace- ment as the problem of placing application instances on a given set of server machines to adjust the amount of resources available to applications in response to varying resource demands of appli- cation clusters. The objective is to maximize the

A. Karve; Tracy Kimbrel; Giovanni Pacifici; Mike Spreitzer; Malgorzata Steinder; Maxim Sviridenko; Asser N. Tantawi

2006-01-01

181

Leveraging User-Session Data to Support Web Application Testing  

Microsoft Academic Search

Web applications are vital components of the global information infrastructure, and it is important to ensure their dependability. Many techniques and tools for validating Web applications have been created, but few of these have addressed the need to test Web application functionality and none have attempted to leverage data gathered in the operation of Web applications to assist with testing.

Sebastian G. Elbaum; Gregg Rothermel; Srikanth Karre; Marc Fisher II

2005-01-01

182

Geant4 application in a Web browser  

NASA Astrophysics Data System (ADS)

Geant4 is a toolkit for the simulation of the passage of particles through matter. The Geant4 visualization system supports many drivers including OpenGL[1], OpenInventor, HepRep[2], DAWN[3], VRML, RayTracer, gMocren[4] and ASCIITree, with diverse and complementary functionalities. Web applications have an increasing role in our work, and thanks to emerging frameworks such as Wt [5], building a web application on top of a C++ application without rewriting all the code can be done. Because the Geant4 toolkit's visualization and user interface modules are well decoupled from the rest of Geant4, it is straightforward to adapt these modules to render in a web application instead of a computer's native window manager. The API of the Wt framework closely matches that of Qt [6], our experience in building Qt driver will benefit for Wt driver. Porting a Geant4 application to a web application is easy, and with minimal effort, Geant4 users can replicate this process to share their own Geant4 applications in a web browser.

Garnier, Laurent; Geant4 Collaboration

2014-06-01

183

XCS: cross channel scripting and its impact on web applications  

Microsoft Academic Search

We study the security of embedded web servers used in con- sumer electronic devices, such as security cameras and photo frames, and for IT infrastructure, such as wireless access points and lights-out management systems. All the devices we examine turn out to be vulnerable to a variety of web attacks, including cross site scripting (XSS) and cross site request forgery

Hristo Bojinov; Elie Bursztein; Dan Boneh

2009-01-01

184

Validating Security Policy Conformance with WS-Security Requirements  

Microsoft Academic Search

\\u000a Web Services Security (WS-Security) is a technology to secure the data exchanges in SOA applications. The security requirements\\u000a for WS-Security are specified as a security policy expressed in Web Services Security Policy (WS-SecurityPolicy). The WS-I\\u000a Basic Security Profile (BSP) describes the best-practices security practices for addressing the security concerns of WS-Security.\\u000a It is important to prepare BSP-conformant security policies, but

Fumiko Satoh; Naohiko Uramoto

2010-01-01

185

Modelling Safe Interface Interactions in Web Applications  

NASA Astrophysics Data System (ADS)

Current Web applications embed sophisticated user interfaces and business logic. The original interaction paradigm of the Web based on static content pages that are browsed by hyperlinks is, therefore, not valid anymore. In this paper, we advocate a paradigm shift for browsers and Web applications, that improves the management of user interaction and browsing history. Pages are replaced by States as basic navigation nodes, and Back/Forward navigation along the browsing history is replaced by a full-fledged interactive application paradigm, supporting transactions at the interface level and featuring Undo/Redo capabilities. This new paradigm offers a safer and more precise interaction model, protecting the user from unexpected behaviours of the applications and the browser.

Brambilla, Marco; Cabot, Jordi; Grossniklaus, Michael

186

Data mining approach to web application intrusions detection  

Microsoft Academic Search

Web applications became most popular medium in the Internet. Popularity, easiness of web application script languages and frameworks together with careless development results in high number of web application vulnerabilities and high number of attacks performed. There are several types of attacks possible because of improper input validation: SQL injection Cross-site scripting, Cross-Site Request Forgery (CSRF), web spam in blogs

Arkadiusz Kalicki

2011-01-01

187

LISA, the next generation: from a web-based application to a fat client.  

PubMed

The LISA application, developed by the University Hospitals Leuven, permits referring physicians to consult the electronic medical records of their patients over the internet in a highly secure way. We decided to completely change the way we secured the application, discard the existing web application and build a completely new application, based on the in-house developed hospital information system, used in the University Hospitals Leuven. The result is a fat Java client, running on a Windows Terminal Server, secured by a commercial SSL-VPN solution. PMID:18953122

Pierlet, Noëlla; Aerts, Werner; Vanautgaerden, Mark; Van den Bosch, Bart; De Deurwaerder, André; Schils, Erik; Noppe, Thomas

2008-01-01

188

Grid Web Services and Application Factories  

Microsoft Academic Search

This paper describes an implementation of a Grid Application Factory Service that is based on a component architecture that utilizes the emerging Web Services standards. The factory service is used by Grid clients to authenticate and authorize a user to configure and launch an instance of a distributed application. This helps us solve the problem of building reliable, scalable Grid

Dennis Gannon; Rachana Ananthakrishnan; Sriram Krishnan; Madhusudhan Govindaraju

2002-01-01

189

Constructing Reliable Web Applications Using Atomic Actions  

Microsoft Academic Search

The Web frequently suffers from failures which affect the performance and consistency of applications run over it. An important fault-tolerance technique is the use of atomic actions (atomic transactions) for controlling operations on services. Atomic actions guarantee the consistency of applications despite concurrent a ccesses and failures. Techniques for implementing transactions on distributed objects are well-known: in order to become

Mark C. Little; Santosh K. Shrivastava; Steve J. Caughey; David B. Ingham

1997-01-01

190

Robust image obfuscation for privacy protection in Web 2.0 applications  

NASA Astrophysics Data System (ADS)

We present two approaches to robust image obfuscation based on permutation of image regions and channel intensity modulation. The proposed concept of robust image obfuscation is a step towards end-to-end security in Web 2.0 applications. It helps to protect the privacy of the users against threats caused by internet bots and web applications that extract biometric and other features from images for data-linkage purposes. The approaches described in this paper consider that images uploaded to Web 2.0 applications pass several transformations, such as scaling and JPEG compression, until the receiver downloads them. In contrast to existing approaches, our focus is on usability, therefore the primary goal is not a maximum of security but an acceptable trade-off between security and resulting image quality.

Poller, Andreas; Steinebach, Martin; Liu, Huajian

2012-02-01

191

Semantic scheme to extract attack strategies for Web service network security  

Microsoft Academic Search

In the recent years, Web technologies have been used to provide an interface to the distributed services. The advent of the computer networks has accelerated this development, and has sparked the emergence of the numerous environments that enable Web services. However, the computer network security against the distributed denial of service attacks (DDoS) attacks attracts more attentions. The overwhelming alerts

Wei Yan; Fang Liu

2004-01-01

192

Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)  

Microsoft Academic Search

The number and the importance of Web applications have increased rapidly over the last years. At the same time, the quantity and impact of security vulnerabilities in such applications have grown as well. Since manual code re- views are time-consuming, error-prone and costly, the need for automated solutions has become evident. In this paper, we address the problem of vulnerable

Nenad Jovanovic; Christopher Kruegel; Engin Kirda

2006-01-01

193

Semantic-Web Technology: Applications at NASA  

NASA Technical Reports Server (NTRS)

We provide a description of work at the National Aeronautics and Space Administration (NASA) on building system based on semantic-web concepts and technologies. NASA has been one of the early adopters of semantic-web technologies for practical applications. Indeed there are several ongoing 0 endeavors on building semantics based systems for use in diverse NASA domains ranging from collaborative scientific activity to accident and mishap investigation to enterprise search to scientific information gathering and integration to aviation safety decision support We provide a brief overview of many applications and ongoing work with the goal of informing the external community of these NASA endeavors.

Ashish, Naveen

2004-01-01

194

Image-based electronic patient records for secured collaborative medical applications.  

PubMed

We developed a Web-based system to interactively display image-based electronic patient records (EPR) for secured intranet and Internet collaborative medical applications. The system consists of four major components: EPR DICOM gateway (EPR-GW), Image-based EPR repository server (EPR-Server), Web Server and EPR DICOM viewer (EPR-Viewer). In the EPR-GW and EPR-Viewer, the security modules of Digital Signature and Authentication are integrated to perform the security processing on the EPR data with integrity and authenticity. The privacy of EPR in data communication and exchanging is provided by SSL/TLS-based secure communication. This presentation gave a new approach to create and manage image-based EPR from actual patient records, and also presented a way to use Web technology and DICOM standard to build an open architecture for collaborative medical applications. PMID:17282930

Zhang, Jianguo; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen; Yao, Yihong; Cai, Weihua; Jin, Jin; Zhang, Guozhen; Sun, Kun

2005-01-01

195

ReSTful OSGi Web Applications Tutorial  

NASA Technical Reports Server (NTRS)

This slide presentation accompanies a tutorial on the ReSTful (Representational State Transfer) web application. Using Open Services Gateway Initiative (OSGi), ReST uses HTTP protocol to enable developers to offer services to a diverse variety of clients: from shell scripts to sophisticated Java application suites. It also uses Eclipse for the rapid development, the Eclipse debugger, the test application, and the ease of export to production servers.

Shams, Khawaja; Norris, Jeff

2008-01-01

196

Secure coprocessing applications and research issues  

SciTech Connect

The potential of secure coprocessing to address many emerging security challenges and to enable new applications has been a long-standing interest of many members of the Computer Research and Applications Group, including this author. The purpose of this paper is to summarize this thinking, by presenting a taxonomy of some potential applications and by summarizing what we regard as some particularly interesting research questions.

Smith, S.W.

1996-08-01

197

Toward a New Generation of Semantic Web Applications  

Microsoft Academic Search

Although research on integrating semantics with the Web started almost as soon as the Web was in place, a concrete Semantic Web that is, a large-scale collection of distributed semantic metadata emerged only over the past four to five years. The Semantic Web's embryonic nature is reflected in its existing applications. Most of these applications tend to produce and consume

Mathieu D'aquin; Enrico Motta; Marta Sabou; Sofia Angeletou; Laurian Gridinoc; Vanessa Lopez; Davide Guidi

2008-01-01

198

FASH: A web application for nucleotides sequence search  

PubMed Central

FASH (Fourier Alignment Sequence Heuristics) is a web application, based on the Fast Fourier Transform, for finding remote homologs within a long nucleic acid sequence. Given a query sequence and a long text-sequence (e.g, the human genome), FASH detects subsequences within the text that are remotely-similar to the query. FASH offers an alternative approach to Blast/Fasta for querying long RNA/DNA sequences. FASH differs from these other approaches in that it does not depend on the existence of contiguous seed-sequences in its initial detection phase. The FASH web server is user friendly and very easy to operate. FASH can be accessed at (secured website)

Veksler-Lublinksy, Isana; Barash, Danny; Avisar, Chai; Troim, Einav; Chew, Paul; Kedem, Klara

2008-01-01

199

Evaluation of Web Applications According to Intelligence Parameters  

Microsoft Academic Search

Nowadays evaluation of software is important term in software engineering world. Engineers use conventional metrics to evaluate a software production which was defined in software engineering. Also defining a metric is depending on application of software. Web application is wellknown as software. Evaluation of Web application is possible by conventional metrics. As we know competition in developing of Web application

Alireza Tabatabaei Tabrizi; Mohsen Sadighi Moshkenani

2008-01-01

200

Ganymed: Scalable Replication for Transactional Web Applications  

Microsoft Academic Search

Data grids, large scale web applications generating dynamic content and database service providing pose significant scalability challenges to database engines. Replication is the most common solution but it involves difficult trade-offs. The most difficult one is the choice between scalability and consistency. Commercial systems give up consistency. Research solutions typically either offer a compromise (limited scalability in exchange for consistency)

Christian Plattner; Gustavo Alonso

2004-01-01

201

Modeling Interactions and Navigation in Web Applications  

Microsoft Academic Search

This work presents a method that bridges the gap between requirements elicitation and conceptual, interaction and navigation design for Web applications. This method is based on user scenarios, use cases, and a new graphical notation, called User Interaction Diagrams. From these specifications, it is shown how to derive a conceptual model, and then how to derive the navigational structure of

Natacha Güell; Daniel Schwabe; Patricia Vilain

2000-01-01

202

Secure voice for mobile satellite applications  

NASA Astrophysics Data System (ADS)

The initial system studies are described which were performed at JPL on secure voice for mobile satellite applications. Some options are examined for adapting existing Secure Telephone Unit III (STU-III) secure telephone equipment for use over a digital mobile satellite link, as well as for the evolution of a dedicated secure voice mobile earth terminal (MET). The work has included some lab and field testing of prototype equipment. The work is part of an ongoing study at JPL for the National Communications System (NCS) on the use of mobile satellites for emergency communications. The purpose of the overall task is to identify and enable the technologies which will allow the NCS to use mobile satellite services for its National Security Emergency Preparedness (NSEP) communications needs. Various other government agencies will also contribute to a mobile satellite user base, and for some of these, secure communications will be an essential feature.

Vaisnys, Arvydas; Berner, Jeff

203

Secure voice for mobile satellite applications  

NASA Technical Reports Server (NTRS)

The initial system studies are described which were performed at JPL on secure voice for mobile satellite applications. Some options are examined for adapting existing Secure Telephone Unit III (STU-III) secure telephone equipment for use over a digital mobile satellite link, as well as for the evolution of a dedicated secure voice mobile earth terminal (MET). The work has included some lab and field testing of prototype equipment. The work is part of an ongoing study at JPL for the National Communications System (NCS) on the use of mobile satellites for emergency communications. The purpose of the overall task is to identify and enable the technologies which will allow the NCS to use mobile satellite services for its National Security Emergency Preparedness (NSEP) communications needs. Various other government agencies will also contribute to a mobile satellite user base, and for some of these, secure communications will be an essential feature.

Vaisnys, Arvydas; Berner, Jeff

1990-01-01

204

Secure Middleware for Defence Applications.  

National Technical Information Service (NTIS)

Achieving robust and secure system interoperability over Mobile Wireless Networks poses a number of daunting challenges: (1) Ensuring robustness and survivability in the presence of network jamming, transient faults, frequent node failures (e.g., due to t...

M. Born R. Bharadwaj R. Schreiner

2006-01-01

205

Web Spam Challenge 2007 Track II Secure Computing Corporation Research  

Microsoft Academic Search

To discriminate spam Web hosts\\/pages from normal ones, text-based and link-based data are provided for Web Spam Challenge Track II. Given a small part of labeled nodes (about 10%) in a Web linkage graph, the challenge is to predict other nodes' class to be spam or normal. We extract features from link-based data, and then combine them with text-based features.

Yuchun Tang; Yuanchen He; Sven Krasser; Paul Judge

2007-01-01

206

How to Make Personalized Web Browising Simple, Secure, and Anonymous  

Microsoft Academic Search

. An increasing number of web-sites require users to establishan account before they can access the information stored on that site("personalized web browsing"). Typically, the user is required to provideat least a unique username, a secret password and an e-mail address.Establishing accounts at multiple web-sites is a tedious task. A securityandprivacy-aware user may have to invent a distinct username and

Eran Gabber; Phillip B. Gibbons; Yossi Matias; Alain J. Mayer

1997-01-01

207

Addressing Security Challenges in Pervasive Computing Applications.  

National Technical Information Service (NTIS)

Pervasive computing provides services that use knowledge about the operating environment. The very knowledge that enables an application to provide better services may, however, be misused, causing security and privacy breaches. Uncontrolled disclosure of...

I. Ray I. Ray

2010-01-01

208

Web Design Frameworks: An Approach to Improve Reuse in Web Applications  

Microsoft Academic Search

In this paper we introduce Web design frameworks as a conceptual approach to maximize reuse in Web applications. We first discuss the need for building abstract and reusable navigational design structures, exemplifying with different kinds of Web Information Systems. Then, we briefly review the state of the art of object-orient ed application frameworks and present the rationale for a slightly

Daniel Schwabe; Gustavo Rossi; Luiselena Esmeraldo; Fernando Lyardet

2001-01-01

209

Improving web application testing with user session data  

Microsoft Academic Search

Web applications have become critical components of the global information infrastructure, and it is important that they be validated to ensure their reliability. Therefore, many techniques and tools for validating web applications have been created. Only a few of these techniques, however, have addressed problems of testing the functionality of web applications, and those that do have not fully considered

Sebastian G. Elbaum; Srikanth Karre; Gregg Rothermel

2003-01-01

210

A New Method on Automated Web Application Testing  

Microsoft Academic Search

Internet and its web contents are extensively used in real trade and the existence of bugs in software can be disastrous. According to the specific properties of web applications, traditional test approaches are not applicable to this area. Though, lots of methods are proposed to assure the quality of web applications, advances are not considerable yet. This is because the

Mohsen Sharifi; Shahab Tasharrofi; Hamid Mahmoudzadeh

211

A Tool to Support Automated Testing for Web Application Scenario  

Microsoft Academic Search

Web applications are becoming increasingly complex and important for companies. Their development, including analysis, design, and testing, needs to be approached by means of support tools. There are some tools provided to support analysis and design. However, few tools are provided to directly support the software testing on Web-based applications. In this paper, a software tool, named WASATT (Web application

Cheng-hui Huang; Huo Yan Chen

2006-01-01

212

Implementation of secure speaker verification at web login page using Mel Frequency Cepstral Coefficient-Gaussian Mixture Model (MFCC-GMM)  

Microsoft Academic Search

The need of security for web page was increased as the development of online activity especially trading or banking. Speaker recognition can be used to secure the web page which need high security level. In this research, the speaker recognition system at web page was successfully built for login authentication security. For enrollment and verification need, speech signal from clients

B. Putra; Suyanto

2011-01-01

213

Web technology for emergency medicine and secure transmission of electronic patient records.  

PubMed

The American Heritage dictionary defines the word "web" as "something intricately contrived, especially something that ensnares or entangles." The wealth of medical resources on the World Wide Web is now so extensive, yet disorganized and unmonitored, that such a definition seems fitting. In emergency medicine, for example, a field in which accurate and complete information, including patients' records, is urgently needed, more than 5000 Web pages are available today, whereas fewer than 50 were available in December 1994. Most sites are static Web pages using the Internet to publish textbook material, but new technology is extending the scope of the Internet to include online medical education and secure exchange of clinical information. This article lists some of the best Web sites for use in emergency medicine and then describes a project in which the Web is used for transmission and protection of electronic medical records. PMID:9673087

Halamka, J D

1998-01-01

214

Training Security Assurance Teams Using Vulnerability Injection  

Microsoft Academic Search

Writing secure Web applications is a complex task. In fact, a vast majority of Web applications are likely to have security vulnerabilities that can be exploited using simple tools like a common Web browser. This represents a great danger as the attacks may have disastrous consequences to organizations, harming their assets and reputation. To mitigate these vulnerabilities, security code inspections

José Fonseca; Marco Vieira; Henrique Madeira; M. Henrique

2008-01-01

215

Preparedness Web: Utilizing Regional Collaborative Networks for Homeland Security Preparedness.  

National Technical Information Service (NTIS)

This case study is offered with the purpose of informing the initiation of regional collaborative efforts nationwide. This research effort examines a network of networks, called here a Preparedness Web, utilized to meet locally identified regional homelan...

C. C. Holbrook

2007-01-01

216

Usage-Centered Engineering for Web Applications  

Microsoft Academic Search

This paper presents a lightweight form of usage-centered design that has proved particularly effective in designing highly usable Web- based applications. Fully compatible with both traditional object-oriented software engineering methods and newer agile techniques such as Extreme Programming, this approach employs rapid, card-based techniques to develop simplified models of user roles, tasks, and user interface contents. The process attempts to

Larry L. Constantine; Lucy A. D. Lockwood

2002-01-01

217

Injecting a permission-based delegation model to secure web-based workflow systems  

Microsoft Academic Search

Web-based workflow systems have emerged in almost every business because they can support dynamic business processes over heterogeneous computing systems which is the requirement of a modern business. At the same time security and flexibility have become the two most important aspects in those systems. Role-based access control has been injected to Web-based workflow systems to control access (without hindering

Xiaoran Wang; Coskun Bayrak

2009-01-01

218

Microcontroller-Based AWGNG for Security Enhancement of Embedded Real-Time Web Services  

Microsoft Academic Search

In this paper, a microcontroller-based Additive White Gaussian Noise Generator (AWGNG) for security enhancement of embedded real-time web services running on embedded boards is presented. The scheme utilizes combination of Windows Embedded Standard based Web Service on Vortex86 based embedded system connected to Atmega128 microcontroller generating Additive White Gaussian Noise stream. The real time generated stream can be used as

Behnam Rahnama; Atilla Elçi; Ramin Bakhshi; Alirad Malek; Arjang Ahmadi

2009-01-01

219

Fine-Grain, End-to-End Security for Web Service Compositions  

Microsoft Academic Search

Web service composition introduces two research challenges to end-to-end integrity and confidentiality of information flow. First, component services need the ability to selectively read or modify information flows. Second, component web services may or may not be trusted by all participants in the same degree. Existing specifications such as WS-security provide fine-grained signatures and encryption for pair-wise interactions, but insufficient

Lenin Singaravelu; Calton Pu

2007-01-01

220

Web-Based Resources and Applications: Quality and Influence  

ERIC Educational Resources Information Center

This paper evaluates the quality of two major types of Web resources for K-12 education --information for research, and interactive applications for teaching and learning. It discusses an evaluation on the quality of 1,025 pieces of Web information (articles, research reports, news, and statistics) and 900 Web applications (tutorials, drills,…

Liu, Leping; Johnson, D. Lamont

2005-01-01

221

A Safety-Oriented Platform for Web Applications  

Microsoft Academic Search

The Web browser has become the dominant interface to a broad range of applications, including online banking, Web-based email, digital media delivery, gaming, and e- commerce services. Early Web browsers provided simple access to static hypertext documents. In contrast, modern browsers serve as de facto operating systems that must man- age dynamic and potentially malicious applications. Unfor- tunately, browsers have

Richard S. Cox; Steven D. Gribble; Henry M. Levy; Jacob Gorm Hansen

2006-01-01

222

Dynamic Model Extraction and Statistical Analysis of Web Applications  

Microsoft Academic Search

Abstract The World Wide Web, initially intended as a way to pub- lish static hypertexts on the Internet, is moving toward com- plex applications. Static Web sites are being gradually re- placed by dynamic sites, where information is stored in databases and non trivial computation is performed. Reverse engineering of a model from an existing Web application is useful for

Paolo Tonella; Filippo Ricca

2002-01-01

223

Object-oriented Web application architectures and development strategies  

Microsoft Academic Search

The development of Web applications is moving quickly due to an explosive increase of Internet use. However, the architectures of current Web applications reveal several constraints and limitations in terms of performance, functionality, usability, etc. Several candidate technologies such as Java, Java RMI, Web-ORB, and Agents have been introduced. However, it has not been studied how these unit technologies can

Eun Sook Cho; Soo Dong Kim; Sung Yul Rhew; Sang Duck Lee; Chang Gap Kim

1997-01-01

224

75 FR 30892 - Self-Regulatory Organizations; Municipal Securities Rulemaking Board; Notice of Filing of...  

Federal Register 2010, 2011, 2012, 2013

...information regarding municipal securities to the MSRB, at no charge...dissemination on the EMMA Web site, the EMMA Web site would display such...the applicable municipal security otherwise displayed on the EMMA Web site. Currently,...

2010-06-02

225

Web-Enabled Scientific Services & Applications (Calculators)  

NSDL National Science Digital Library

Anyone without access to a statistical software package may find this Web site to be a valuable tool. A wide variety of free online utilities are offered, including data and equation plotting, regression analysis, and scientific forecasting. The applications' interfaces are very straightforward, and many options are available for users to input their data and customize the desired output. No explanation of the applications' functions and settings is included. This is not necessarily a problem, however, since it is expected that users will know what kind of statistical analyses they want to perform on their data beforehand.

226

Intelligent analysis of user interactions with web applications  

Microsoft Academic Search

In this paper, we describe a tool able to perform intelligent analysis of Web browser logs using the information contained in the task model of the application. We show how this approach supports remote usability evaluation of Web sites.

Laila Paganelli; Fabio Paternò

2002-01-01

227

Web Applications and Thin Clients in the Navy.  

National Technical Information Service (NTIS)

This thesis investigates the advantages and disadvantages of transitioning to Web Applications and Thin Client-Server Architecture for U.S. Navy shore based Components. Thin Clients and Web Technology have advanced significantly over the last few years an...

J. L. Britt

2011-01-01

228

Synchronizer - A Web-Based Application to Enhance Capabilities of NEESCentral Web Portal  

Microsoft Academic Search

This paper discusses the development of a web- based application named Synchronizer to enhance the capability of the NEESCentral Web Portal. The NEESCentral Web Portal is a cyber infrastructure tool available to all NEES participants and is designed to provide a simple way for researchers to share and archive their project data with NEES Repository. Synchronizer has been developed to

Thuy T. Le; Syeda Naema Hashmi; Kurt Mcmullin

2008-01-01

229

Reliability, Compliance and Security of Web-based Pre/Post-testing  

NSDL National Science Digital Library

Pre/post testing is an important tool for improving science education. Standard in-class administration has drawbacks such as `lost' class time and converting data into electronic format. These are not issues for unproctored web-based administration, but there are concerns about assessment validity, compliance rates, and instrument security. A preliminary investigation compared astronomy students taking pre/post tests on paper to those taking the same tests over the web. The assessments included the Epistemological Beliefs Assessment for Physical Science and a conceptual assessment developed for this study. Preliminary results on validity show no significant difference on scores or on most individual questions. Compliance rates were similar between web and paper on the pretest and much better for web on the posttest. Remote monitoring of student activity during the assessments recorded no clear indication of any copying, printing or saving of questions, and no widespread use of the web to search for answers.

Bonham, Scott W.

2007-11-25

230

Reliability, Compliance and Security of Web-based Pre/Post-testing  

NASA Astrophysics Data System (ADS)

Pre/post testing is an important tool for improving science education. Standard in-class administration has drawbacks such as `lost' class time and converting data into electronic format. These are not issues for unproctored web-based administration, but there are concerns about assessment validity, compliance rates, and instrument security. A preliminary investigation compared astronomy students taking pre/post tests on paper to those taking the same tests over the web. The assessments included the Epistemological Beliefs Assessment for Physical Science and a conceptual assessment developed for this study. Preliminary results on validity show no significant difference on scores or on most individual questions. Compliance rates were similar between web and paper on the pretest and much better for web on the posttest. Remote monitoring of student activity during the assessments recorded no clear indication of any copying, printing or saving of questions, and no widespread use of the web to search for answers.

Bonham, Scott

2007-01-01

231

76 FR 7884 - Self-Regulatory Organizations; International Securities Exchange, LLC; Order Approving Proposed...  

Federal Register 2010, 2011, 2012, 2013

...Uniform Application for Securities Industry Registration...Depository System (``Web CRD''), and must pass the General Securities Representative examination...already registered in Web CRD must register (i...person is engaged in the securities business of a...

2011-02-11

232

Building Trust Through Secure Web Sites. The Systems Librarian  

ERIC Educational Resources Information Center

Who can be trusted on the Web? These days, with identity theft seemingly rampant, it's more important than ever to take all possible measures to protect privacy and to shield personal information from those who might not have good intentions. Today, librarians also have to take reasonable precautions to ensure that the online services that they…

Breeding, Marshall

2005-01-01

233

A DIAGRAM APPROACH TO AUTOMATIC GENERATION OF JSP\\/SERVLET WEB APPLICATIONS  

Microsoft Academic Search

We defined diagrams called Web transition diagrams to rep- resent overall behavior of Web applications. Using these diagrams, we can generate server program type Web ap- plications such as CGI-based Web applications, and server page type Web applications such as ASP-based Web appli- cations. The purpose of this paper is to design Web transi- tion diagrams to represent wider class

Kornkamol Jamroendararasame; Tetsuya Suzuki; Takehiro Tokuda

234

A visual environment for dynamic web application composition  

Microsoft Academic Search

HTML-based interface technologies enable end-users to easily use various remote Web applications. However, it is difficult for end-users to compose new integrated tools of both existing Web applications and legacy local applications such as spreadsheets, chart tools and database. In this paper, the authors propose a new framework where end-users can wrap remote Web applications into visual components called pads,

Kimihito Ito; Yuzuru Tanaka

2003-01-01

235

Web Application Models Are More Than Conceptual Models  

Microsoft Academic Search

In this paper, we argue that web applications are a particular kind of hypermedia applications and show how to model their navigational structure. We motivate our paper discussing the most important problems in the design of complex Web applications. We argue that if we need to design applications combining hypermedia navigation with complex transactional behaviors (as in E-commerce systems), we

Gustavo Rossi; Daniel Schwabe; Fernando Lyardet

1999-01-01

236

A Transformation-Driven Approach to the Verification of Security Policies in Web Designs  

Microsoft Academic Search

In this paper, we present a verification framework for security poli- cies of Web designs. The framework is based on the transformation of the models that conform the system design into a formalism where further analysis can be performed. The transformation is specified as a triple graph transformation sys- tem, which in addition creates mappings between the elements in the

Esther Guerra; Daniel Sanz; Paloma Díaz; Ignacio Aedo

2007-01-01

237

Where Did All the Data Go? Internet Security for Web-based Assessments.  

ERIC Educational Resources Information Center

Outlines a series of security steps that might be taken by researchers or organizations that are contemplating Web-based tests and performance assessments. Focuses on what can be done to avoid the loss, compromising, or modification of data collected by or stored through the Internet. (SLD)

Shermis, Mark D.; Averitt, Jason

2002-01-01

238

On Homeland Security and the Semantic Web: A Provenance and Trust Aware Inference Framework  

Microsoft Academic Search

Discovering and evaluating interesting patterns and semantic associations in vast amount of information provided by many different sources is an important and time-consuming work for homeland security analysts. By publishing or convert- ing such information in semantic web language, intelligent agents can automate the inference without compromising the semantics. This paper describes how trust and provenance can be represented\\/obtained in

Li Ding; Pranam Kolari; Tim Finin; Anupam Joshi; Yun Peng; Yelena Yesha

239

Development of Standardized Clinical Training Cases for Diagnosis of Sexual Abuse using a Secure Telehealth Application  

ERIC Educational Resources Information Center

Objectives: The training of physicians, nurse examiners, social workers and other health professional on the evidentiary findings of sexual abuse in children is challenging. Our objective was to develop peer reviewed training cases for medical examiners of child sexual abuse, using a secure web based telehealth application (TeleCAM). Methods:…

Frasier, Lori D.; Thraen, Ioana; Kaplan, Rich; Goede, Patricia

2012-01-01

240

Speeding up Secure Web Transactions Using Elliptic Curve Cryptography  

Microsoft Academic Search

Elliptic Curve Cryptography (ECC) is emerging as an attractive alternative to traditional public-key cryptosys- tems (RSA, DSA, DH). ECC offers equivalent security with smaller key sizes resulting in faster computations, lower power consumption, as well as memory and bandwidth sav- ings. While these characteristics make ECC especially ap- pealing for mobile devices, they can also alleviate the com- putational burden

Vipul Gupta; Douglas Stebila; Stephen Fung; Sheueling Chang Shantz; Nils Gura; Hans Eberle

2004-01-01

241

MEMS and MOEMS for national security applications  

NASA Astrophysics Data System (ADS)

Major opportunities for microsystem insertion into commercial applications, such as telecommunications and medical prosthesis, are well known. Less well known are applications that ensure the security of our nation, the protection of its armed forces, and the safety of its citizens. Microsystems enable entirely new possibilities to meet National Security needs, which can be classed along three lines: anticipating security needs and threats, deterring the efficacy of identified threats, and defending against the application of these threats. In each of these areas, specific products that are enabled by MEMS and MOEMS are discussed. In the area of anticipating needs and threats, sensored microsystems designed for chem/bio/nuclear threats, and sensors for border and asset protection can significantly secure our borders, ports, and transportation systems. Key features for these applications include adaptive optics and spectroscopic capabilities. Microsystems to monitor soil and water quality can be used to secure critical infrastructure, food safety can be improved by in-situ identification of pathogens, and sensored buildings can ensure the architectural safety of our homes and workplaces. A challenge to commercializing these opportunities, and thus making them available for National Security needs, is developing predictable markets and predictable technology roadmaps. The integrated circuit manufacturing industry provides an example of predictable technology maturation and market insertion, primarily due to the existence of a "unit cell" that allows volume manufacturing. It is not clear that microsystems can follow an analogous path. The possible paths to affordable low-volume production, as well as the prospects of a microsystems unit cell, are discussed.

Scott, Marion W.

2003-01-01

242

Model-Based Penetration Test Framework for Web Applications Using TTCN-3  

NASA Astrophysics Data System (ADS)

Penetration testing is a widely used method for testing the security of web applications, but it can be inefficient if it is not done systematically. Public databases of web application vulnerabilities can be used to drive penetration testing, but testers need to understand them and interpret them into executable test cases. This requires an in-depth knowledge of security. This paper proposes a model-based testing approach using a data model that describes the relationship between web security knowledge, business domain knowledge, and test case development. The approach consists of a data model that represents the relevance between attack surface, application fingerprint, attack vectors, and fuzz vectors; a test case generator that automatically generates penetration test scenarios for web applications; and a penetration test framework supported by TTCN-3 test environment. The model-based testing approach can be used to provide structured tool support for developing penetration test campaigns. We demonstrate the feasibility and efficiency of the approach at the design level.

Xiong, Pulei; Stepien, Bernard; Peyton, Liam

243

On Enabling Secure Applications Through Off-Line Biometric Identification  

Microsoft Academic Search

In developing secure applications and systems, designers must often incorporate secure user identification in the design specification. In this paper, we study secure off-line authenticated user identification schemes based on a biometric system that can measure a user's biometrics accurately (up to some Hamming distance). The presented schemes enhance identification and authorization in secure applications by binding a biometric template

George I. Davida; Yair Frankel; Brian J. Matt

1998-01-01

244

AnnotateGenomicRegions: a web application  

PubMed Central

Background Modern genomic technologies produce large amounts of data that can be mapped to specific regions in the genome. Among the first steps in interpreting the results is annotation of genomic regions with known features such as genes, promoters, CpG islands etc. Several tools have been published to perform this task. However, using these tools often requires a significant amount of bioinformatics skills and/or downloading and installing dedicated software. Results Here we present AnnotateGenomicRegions, a web application that accepts genomic regions as input and outputs a selection of overlapping and/or neighboring genome annotations. Supported organisms include human (hg18, hg19), mouse (mm8, mm9, mm10), zebrafish (danRer7), and Saccharomyces cerevisiae (sacCer2, sacCer3). AnnotateGenomicRegions is accessible online on a public server or can be installed locally. Some frequently used annotations and genomes are embedded in the application while custom annotations may be added by the user. Conclusions The increasing spread of genomic technologies generates the need for a simple-to-use annotation tool for genomic regions that can be used by biologists and bioinformaticians alike. AnnotateGenomicRegions meets this demand. AnnotateGenomicRegions is an open-source web application that can be installed on any personal computer or institute server. AnnotateGenomicRegions is available at: http://cru.genomics.iit.it/AnnotateGenomicRegions.

2014-01-01

245

Lessons Learned Using the Web as an Application Interface  

Microsoft Academic Search

We show how to deliver a sophisticated, yet intuitive, interactive application over the web using off-the-shelf web browsers as the interaction medium. This attracts a large user community, improves the rate of user acceptance, and avoids many of the pitfalls of software distribution. Web delivery imposes a novel set of constraints on user interface design. We outline the tradeoffs in

James Rice; Adam Farquhar; Philippe Piernot; Thomas Gruber

1995-01-01

246

Piazza: data management infrastructure for semantic web applications  

Microsoft Academic Search

The Semantic Web envisions a World Wide Web in which data is described with rich semantics and applications can pose complex queries. To this point, researchers have defined new languages for specifying meanings for concepts and developed techniques for reasoning about them, using RDF as the data model. To flourish, the Semantic Web needs to be able to accommodate the

Alon Y. Halevy; Zachary G. Ives; Peter Mork; Igor Tatarinov

2003-01-01

247

Quality of Security Service for Web Services within SOA  

Microsoft Academic Search

Service-Oriented Architecture (SOA) is a paradigm for creating and encapsulating business processes in the form of loose-coupling, autonomous and abstracted services. Managing the non-functional requirements of SOA such as security, is an over arching problem due to the wide variety of ways the service consumer can access the services offered by the service provider and the equally varied restrictions the

Hany F. El Yamany; Miriam A. M. Capretz; David S. Allison

2009-01-01

248

Monitoring image quality for security applications  

NASA Astrophysics Data System (ADS)

This work is focusing on the definition of a procedure for the qualification of coding schemes for video surveillance applications. It consists in developing and benchmarking tools that learn from the expertise of police and security department. This expertise is intended to be modeled thanks to a campaign of subjective measurement allowing to analyze the way they are using in performing the security tasks like face or license plate recognition, event detection and so on. The results of the previous test are used will be used to tune and to construct a hybrid metric based on basic artifacts detection due to compression and transmission.

Larabi, Mohamed-Chaker; Nicholson, Didier

2011-01-01

249

An empirical investigation into open source web applications' implementation vulnerabilities  

Microsoft Academic Search

Current web applications have many inherent vulnerabilities; in fact, in 2008, over 63% of all documented vulnerabilities\\u000a are for web applications. While many approaches have been proposed to address various web application vulnerability issues,\\u000a there has not been a study to investigate whether these vulnerabilities share any common properties. In this paper, we use\\u000a an approach similar to the Goal-Question-Metric

Toan Huynh; James Miller

2010-01-01

250

Construction of Web Application for Cusp Surface Analysis  

Microsoft Academic Search

This paper describes about construction of Web application for cusp surface analysis. Client accesses to the Web server in\\u000a order to analyze the data for cusp surface analysis, and a user’s browser downloads Web page for data input automatically.\\u000a Client can be offered through Web browsers by using HTML generated dynamically by Java Server Pages (JSP) technology, or Java\\u000a applets.

Yasufumi Kume; Zaw Aung Htwe Maung

2007-01-01

251

Authoring and Maintaining of Educational Applications on the Web.  

ERIC Educational Resources Information Center

This paper discusses problems concerning the design of educational applications in general, as well as specific problems connected with educational applications meant to be published on the Web. A new approach to the authoring and maintaining of Web-based educational applications is proposed which is based on the concept of hypermedia composites.…

Helic, Denis; Maurer, Hermann; Scherbakov, Nick

252

Auditing the Defense Against Cross Site Scripting in Web Applications  

Microsoft Academic Search

Majority attacks to web applications today are mainly carried out through input manipulation in order to cause unintended actions of these applications. These attacks exploit the weaknesses of web applications in preventing the manipulation of inputs. Among these attacks, cross site scripting attack — malicious input is submitted to perform unintended actions on a HTML response page — is a

Lwin Khin Shar; Hee Beng Kuan Tan

2010-01-01

253

CRCHD - Patient Navigation Information: Publications, Web Sites, and Applications  

Cancer.gov

CRCHD - Patient Navigation Information: Publications, Web Sites, and Applications  Back to CRCHD Ongoing Research PNP Background Patient Navigation Information Patient Navigation Concept What Are Patient Navigators? Patient Navigation

254

Photonic sensor applications in transportation security  

NASA Astrophysics Data System (ADS)

There is a broad range of security sensing applications in transportation that can be facilitated by using fiber optic sensors and photonic sensor integrated wireless systems. Many of these vital assets are under constant threat of being attacked. It is important to realize that the threats are not just from terrorism but an aging and often neglected infrastructure. To specifically address transportation security, photonic sensors fall into two categories: fixed point monitoring and mobile tracking. In fixed point monitoring, the sensors monitor bridge and tunnel structural health and environment problems such as toxic gases in a tunnel. Mobile tracking sensors are being designed to track cargo such as shipboard cargo containers and trucks. Mobile tracking sensor systems have multifunctional sensor requirements including intrusion (tampering), biochemical, radiation and explosives detection. This paper will review the state of the art of photonic sensor technologies and their ability to meet the challenges of transportation security.

Krohn, David A.

2007-10-01

255

Agents of responsibility - freelance web developers in web applications development  

Microsoft Academic Search

Much of the literature on responsibility in the IT field addresses the responsibilities of members of the IT profession. In this paper, we investigate to what extent the responsibilities associated with computing practitioners apply to freelance web developers. The relevant moral question is not \\

Malik Aleem Ahmed; Jeroen van den Hoven

2010-01-01

256

78 FR 35043 - Aviation Security Advisory Committee Charter Renewal and Request for Applicants  

Federal Register 2010, 2011, 2012, 2013

...Docket Management System (FDMS) Web page at http://www.regulations...the Government Printing Office's Web page at http://www.gpoaccess...html; or (3) Visiting TSA's Security Regulations Web page at...

2013-06-11

257

An Empirical Comparison of Test Suite Reduction Techniques for User-Session-Based Testing of Web Applications  

Microsoft Academic Search

Automated cost-effective test strategies are needed to provide reliable, secure, and usable web applications. As a software maintainer updates an application, test cases mus t accurately reflect usage to expose faults that users are most likely to encounter. User-session-based testing is an auto - mated approach to enhancing an initial test suite with real user data, enabling additional testing during

Sara Sprenkle; Sreedevi Sampath; Emily Gibson; Lori L. Pollock; Amie L. Souter

2005-01-01

258

A method for measuring the structure complexity of web application  

Microsoft Academic Search

The precise and effective measure results of Web applications not only facilitate good comprehension of them, but also benefit\\u000a to the macro-management of software activities, such as testing, reverse engineering, reuse, etc. The paper exploits some\\u000a researches on measuring the structure complexity of Web application. Through a deep analysis of the configuration and objects'\\u000a interactions of Web system, two conclusions

Mao Cheng-ying; Lu Yan-sheng

2006-01-01

259

Just-in-time Database-Driven Web Applications  

PubMed Central

"Just-in-time" database-driven Web applications are inexpensive, quickly-developed software that can be put to many uses within a health care organization. Database-driven Web applications garnered 73873 hits on our system-wide intranet in 2002. They enabled collaboration and communication via user-friendly Web browser-based interfaces for both mission-critical and patient-care-critical functions. Nineteen database-driven Web applications were developed. The application categories that comprised 80% of the hits were results reporting (27%), graduate medical education (26%), research (20%), and bed availability (8%). The mean number of hits per application was 3888 (SD = 5598; range, 14-19879). A model is described for just-in-time database-driven Web application development and an example given with a popular HTML editor and database program.

2003-01-01

260

Experiences Building Security Applications on DHTs  

Microsoft Academic Search

In the recent past we introduced two new security applications built on peer-to-peer systems and distributed hashtables (DHTs). First, we designed Adeona (18), which leverages DHTs to provide a privacy-preserving laptop tracking solution. Second, we designed the Vanish (10) self- destructing data system, which uses DHTs to protect against retroactive attacks on archived data in the cloud. Both systems exploit

Tadayoshi Kohno; Arvind Krishnamurthy; Henry M. Levy

2009-01-01

261

Customisation for ubiquitous web applications a comparison of approaches  

Microsoft Academic Search

Ubiquitous web applications adhering to the anytime\\/anywhere\\/ anymedia paradigm are required to be customisable meaning the adaptation of their services towards a certain context. Several approaches for customising ubiquitous web applications have been already proposed, each of them having different origins and pursuing different goals for dealing with the unique characteristics of ubiquity. This paper compares some of these proposals,

Gerti Kappel; Birgit Pröll; Werner Retschitzegger; Wieland Schwinger

2003-01-01

262

Identifying Cross Site Scripting Vulnerabilities in Web Applications  

Microsoft Academic Search

Cross site scripting (XSS) is a vulnerability of a Web application that is essentially caused by the failure of the application to check up on user input before returning it to the client's Web browser. Without an adequate validation, user input may include malicious code that may be sent to other clients and unexpectedly executed by their browsers, thus causing

Giuseppe A. Di Lucca; Anna Rita Fasolino; M. Mastoianni; Porfirio Tramontana

2004-01-01

263

A mobile application framework for the geospatial web  

Microsoft Academic Search

In this paper we present an application framework that leverages geospatial content on the World Wide Web by enabling innovative modes of interaction and novel types of user interfaces on advanced mobile phones and PDAs. We discuss the current development steps involved in building mobile geospatial Web applications and derive three technological pre-requisites for our framework: spatial query operations based

Rainer Simon; Peter Fröhlich

2007-01-01

264

Atlantis: robust, extensible execution environments for web applications  

Microsoft Academic Search

Today's web applications run inside a complex browser environment that is buggy, ill-specified, and implemented in different ways by different browsers. Thus, web applications that desire robustness must use a variety of conditional code paths and ugly hacks to deal with the vagaries of their runtime. Our new exokernel browser, called Atlantis, solves this problem by providing pages with an

James Mickens; Mohan Dhawan

2011-01-01

265

Runtime Verification for the Web - A Tutorial Introduction to Interface Contracts in Web Applications  

Microsoft Academic Search

\\u000a This tutorial presents an introduction to the monitoring of web applications. These applications run in a user’s web browser\\u000a and exchange requests and responses with a server in the background to update their display. A demo application, called the\\u000a Beep Store, illustrates why complex properties on this exchange must be verified at runtime. These properties can be formalized\\u000a using an

Sylvain Hallé; Roger Villemaire

2010-01-01

266

Developing a Security Typed Java Servlet  

Microsoft Academic Search

The Lack of security policy enforcement in Web development languages is one of the most important challenges in Web application systems development, as there is no formal check for security policy violation that may occur during Web application system development. To check for policy compliance, the programmer must walk through all the code and check every line to make sure

Doaa Hassan; Sherif El-kassas; Ibrahim Ziedan

2008-01-01

267

Medicolegal considerations in the implementation of a PACS web application.  

PubMed

The goal of this study is to provide the clinical end users of an enterprisewide picture archiving and communication system/Web application with a thorough understanding of the application and education to maintain patient privacy and protection. PMID:12105740

Cook, Kay

2002-01-01

268

Weaving a Secure Web around Education: A Guide to Technology Standards and Security.  

ERIC Educational Resources Information Center

The purpose of this guidebook is to assist education agencies and organizations--which include state education agencies or state departments of education, school districts, and schools--in the development, maintenance, and standardization of effective Web sites. Also included is a detailed examination of the procedures necessary to provide…

National Forum on Education Statistics (ED/OERI), Washington, DC.

269

Mobile web applications: bringing mobile apps and web together  

Microsoft Academic Search

The popularity of mobile applications is very high and still growing rapidly. These applications allow their users to stay connected with a large number of service providers in seamless fashion, both for leisure and productivity. But service prThe popularity of mobile applications is very high and still growing rapidly. These applications allow their users to stay connected with a large

Marie-Claire Forgue; Dominique Hazaël-Massieux

2012-01-01

270

Secure Web-based Ground System User Interfaces over the Open Internet  

NASA Technical Reports Server (NTRS)

A prototype has been developed which makes use of commercially available products in conjunction with the Java programming language to provide a secure user interface for command and control over the open Internet. This paper reports successful demonstration of: (1) Security over the Internet, including encryption and certification; (2) Integration of Java applets with a COTS command and control product; (3) Remote spacecraft commanding using the Internet. The Java-based Spacecraft Web Interface to Telemetry and Command Handling (Jswitch) ground system prototype provides these capabilities. This activity demonstrates the use and integration of current technologies to enable a spacecraft engineer or flight operator to monitor and control a spacecraft from a user interface communicating over the open Internet using standard World Wide Web (WWW) protocols and commercial off-the-shelf (COTS) products. The core command and control functions are provided by the COTS Epoch 2000 product. The standard WWW tools and browsers are used in conjunction with the Java programming technology. Security is provided with the current encryption and certification technology. This system prototype is a step in the direction of giving scientist and flight operators Web-based access to instrument, payload, and spacecraft data.

Langston, James H.; Murray, Henry L.; Hunt, Gary R.

1998-01-01

271

Internet as clinical information system: application development using the World Wide Web.  

PubMed Central

Clinical computing application development at Columbia-Presbyterian Medical Center has been limited by the lack of a flexible programming environment that supports multiple client user platforms. The World Wide Web offers a potential solution, with its multifunction servers, multiplatform clients, and use of standard protocols for displaying information. The authors are now using the Web, coupled with their own local clinical data server and vocabulary server, to carry out rapid prototype development of clinical information systems. They have developed one such prototype system that can be run on most popular computing platforms from anywhere on the Internet. The Web paradigm allows easy integration of clinical information with other local and Internet-based information sources. The Web also simplifies many aspects of application design; for example, it includes facilities for the use of encryption to meet the authors' security and confidentiality requirements. The prototype currently runs on only the Web server in the Department of Medical Informatics at Columbia University, but it could be run on other Web servers that access the authors' clinical data and vocabulary servers. It could also be adapted to access clinical information from other systems with similar server capabilities. This approach may be adaptable for use in developing institution-independent standards for data and application sharing.

Cimino, J J; Socratous, S A; Clayton, P D

1995-01-01

272

Future for security applications of optical holography  

NASA Astrophysics Data System (ADS)

The use of holograms for security and authentication accounts for around half of all optical holograms produced. This sector is crucial to the hologram industry. Yet it is under threat, as holograms become the target of criminals around the world who wish to counterfeit the documents and products the holograms protect. It is possible to produce holograms using techniques and security procedures which raise the barriers to the counterfeiters, but the hologram industry appears to be complacent and inadequately prepared to deal with this threat to its future. This requires the production of appropriate holograms for each application, awareness, education, and policing. A suitable vehicle for the implementation of these tasks now exists in the International Hologram Manufacturers Association and its Hologram Image Register.

Lancaster, Ian M.

1995-07-01

273

A security evaluation of a novel resilient web serving architecture: Lessons learned through industry\\/academia collaboration  

Microsoft Academic Search

We have previously developed a virtualization-based web serving architecture and a prototype to enhance web service resilience under cyber attack. The proposed system utilizes replicated virtual servers managed by a closed-loop feedback controller without humans in the loop. We have replicated the prototype at the Raytheon Company, which conducted a thorough penetration test and security examination. In this paper, we

Yih Huang; Anup K. Ghosh; Tom Bracewell; Brian Mastropietro

2010-01-01

274

Restricted access processor - An application of computer security technology  

NASA Technical Reports Server (NTRS)

This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

Mcmahon, E. M.

1985-01-01

275

The Research Wizard: An Innovative Web Application for Patron Service  

Microsoft Academic Search

The Research Wizard, a database-driven Web application developed at the University of Nebraska at Omaha's University Library, provides opportunities to offer patron services in new and innovative ways. Running on an open source PHP\\/MySQL framework known as iDriver, the Wizard delivers customized content via topical keyword access. Library Web site maintenance frustrations have eased with this move to database-backed Web

Karen K. Hein; Marc W. Davis

2002-01-01

276

Study of distributed computing system based on web services  

NASA Astrophysics Data System (ADS)

For the security issues in distributed computing applications, combined with Web Services management system design and implementation, based on the research of Web Services and its security technology, this paper designs a distributed computing test system based on Web Services, in detail describes its key technologies, which further validates the advantages of Web Services technology for the distributed computing in loosely coupled network environment.

Wang, Lu-Feng

2013-03-01

277

Applications of superconducting bolometers in security imaging  

NASA Astrophysics Data System (ADS)

Millimeter-wave (MMW) imaging systems are currently undergoing deployment World-wide for airport security screening applications. Security screening through MMW imaging is facilitated by the relatively good transmission of these wavelengths through common clothing materials. Given the long wavelength of operation (frequencies between 20 GHz to ~ 100 GHz, corresponding to wavelengths between 1.5 cm and 3 mm), existing systems are suited for close-range imaging only due to substantial diffraction effects associated with practical aperture diameters. The present and arising security challenges call for systems that are capable of imaging concealed threat items at stand-off ranges beyond 5 meters at near video frame rates, requiring substantial increase in operating frequency in order to achieve useful spatial resolution. The construction of such imaging systems operating at several hundred GHz has been hindered by the lack of submm-wave low-noise amplifiers. In this paper we summarize our efforts in developing a submm-wave video camera which utilizes cryogenic antenna-coupled microbolometers as detectors. Whilst superconducting detectors impose the use of a cryogenic system, we argue that the resulting back-end complexity increase is a favorable trade-off compared to complex and expensive room temperature submm-wave LNAs both in performance and system cost.

Luukanen, A.; Leivo, M. M.; Rautiainen, A.; Grönholm, M.; Toivanen, H.; Grönberg, L.; Helistö, P.; Mäyrä, A.; Aikio, M.; Grossman, E. N.

2012-12-01

278

The U.S. Army Research Laboratory (ARL) multimodal signature database (MMSDB) advanced data storage solutions and security of data over the web  

NASA Astrophysics Data System (ADS)

The U.S. Army Research Laboratory (ARL) archives vast amounts of data requiring a secure, portable file format, along with a versatile software library for storing and accessing its data. Hierarchical Data Format 5 (HDF5) is a popular, general-purpose library and open-source file format designed for archiving data, and providing extreme interoperability and data encryption for secure accessibility. This paper will provide an overview of the current state of effectively integrating encryption algorithms into HDF5 datasets, along with possible applications, expectations, and limitations, including a discussion on creating a framework for dissemination of sensitive data over the Web.

Bennett, Kelly; Robertson, James

2012-05-01

279

Model-driven development of context-aware Web applications  

Microsoft Academic Search

Context-aware, multi-channel Web applications are more and more gaining consensus among both content providers and consumers, but very few proposals exist for their conceptual modeling. This paper illustrates a conceptual framework that provides modeling facilities for context-aware, multi-channel Web applications; it also shows how high-level modeling constructs can drive the application development process through automatic code generation. Our work stresses

Stefano Ceri; Florian Daniel; Maristella Matera; Federico Michele Facca

2007-01-01

280

Building intelligent Web applications using lightweight wrappers  

Microsoft Academic Search

The Web so far has been incredibly successful at delivering information to human users. So successful actually, that there is now an urgent need to go beyond a browsing human. Unfortunately, the Web is not yet a well organized repository of nicely structured documents but rather a conglomerate of volatile HTML pages.To address this problem, we present the World Wide

Arnaud Sahuguet; Fabien Azavant

2001-01-01

281

Application of Mobile Agents in Web-Based Learning Environment.  

ERIC Educational Resources Information Center

Web-based learning environments are strongly driven by the information revolution and the Internet, but they have a number of common deficiencies, such as slow access, no adaptivity to the individual student, limitation by bandwidth, and more. This paper outlines the benefits of mobile agents technology, and describes its application in Web-based…

Hong Hong, Kinshuk; He, Xiaoqin; Patel, Ashok; Jesshope, Chris

282

A Reputation and Trust Management Broker Framework for Web Applications  

Microsoft Academic Search

This paper presents a distributed reputation and trust management framework that addresses the challenges of eliciting, evaluating and propagating reputation for web applications. We propose a broker framework where every service user is associated with a broker who may represent multiple users. A broker collects for its users the distributed reputation ratings about any web service. In return, a user

Kwei-jay Lin; Haiyin Lu; Tao Yu; Chia-en Tai

2005-01-01

283

Web Services: Distributed Applications without Limits - An Outline  

Microsoft Academic Search

Web services technology is all about distributed computing. There is no fundamentally new basic concept behind this and related technologies. What is really new is the reach of Web services and its ubiquitous support by literally all major vendors. Most likely, heterogeneity will at the end no longer be an obstruc- tion for distributed applications. This will have impact on

Frank Leymann

284

Web Applications Design and Maintenance Using Symbolic Model Checking  

Microsoft Academic Search

We present an approach to automatic checking of the correctness of Web applications structure during their lifecycle. The approach adopts the well-established symbolic model checking technique and the associated tool SMV. A formalism allows the designer to describe the model of a Web-based system. Computation Tree Logic (CTL) is adopted as language to define the properties to be verified. The

Eugenio Di Sciascio; Francesco M. Donini; Marina Mongiello; Giacomo Piscitelli

2003-01-01

285

Building Web applications with Ruby on Rails and DB2  

Microsoft Academic Search

Ruby is a powerful language inspired by, among others, Perl, Smalltalk and Lisp. Over the past few years it has become one of the most used programming languages for Web application development. While a remarkable programming language in its own right, most of its success can be tied to the release, in 2004, of the Web framework, Ruby on Rails.

Antonio Cangiano

2009-01-01

286

Application-aware Interface for SOAP Communication in Web Services  

Microsoft Academic Search

SOAP protocol has emerged as the Web service communication standard. Because of the relatively poor performance, many researchers focus on improving the speed of processing SOAP message. In this paper, we propose SPI, which introduces client usage pattern to the low level SOAP process infrastructure, in order to improve the performance of some kind of Web services applications with specific

Hao Wang; Yizhu Tong; Hong Liu; Taoying Liu

2006-01-01

287

75 FR 22151 - National Maritime Security Advisory Committee; Vacancies  

Federal Register 2010, 2011, 2012, 2013

...recommendations on national maritime security matters to the Secretary of Homeland Security via the Commandant of the...application form visit NMSAC Web site at http://www.homeport...under Missions>Maritime Security>National Maritime...

2010-04-27

288

75 FR 8088 - Privacy Act of 1974; Department of Homeland Security/ALL-023 Personnel Security Management System...  

Federal Register 2010, 2011, 2012, 2013

...information to carry out national security, law enforcement, immigration...records notice. The Office of the Chief Security Officer is implementing a new web- based personnel and information security application, Integrated...

2010-02-23

289

Video performance for high security applications.  

SciTech Connect

The complexity of physical protection systems has increased to address modern threats to national security and emerging commercial technologies. A key element of modern physical protection systems is the data presented to the human operator used for rapid determination of the cause of an alarm, whether false (e.g., caused by an animal, debris, etc.) or real (e.g., a human adversary). Alarm assessment, the human validation of a sensor alarm, primarily relies on imaging technologies and video systems. Developing measures of effectiveness (MOE) that drive the design or evaluation of a video system or technology becomes a challenge, given the subjectivity of the application (e.g., alarm assessment). Sandia National Laboratories has conducted empirical analysis using field test data and mathematical models such as binomial distribution and Johnson target transfer functions to develop MOEs for video system technologies. Depending on the technology, the task of the security operator and the distance to the target, the Probability of Assessment (PAs) can be determined as a function of a variety of conditions or assumptions. PAs used as an MOE allows the systems engineer to conduct trade studies, make informed design decisions, or evaluate new higher-risk technologies. This paper outlines general video system design trade-offs, discusses ways video can be used to increase system performance and lists MOEs for video systems used in subjective applications such as alarm assessment.

Connell, Jack C.; Norman, Bradley C.

2010-06-01

290

Web - \\  

Microsoft Academic Search

Web matured from Web to Web 2.0; contents and services matured from static content to dynamic contents; streaming, voice over IP, instant messaging, forums, blogs, commerce, payments, and lifestyle based actionable information. In access methods, we saw maturity from classical Web to Wireless Web to Mobile Web. Web is used in the advanced economies today for \\

Asoke K Talukder

2007-01-01

291

Interactive, Secure Web-enabled Aircraft Engine Simulation Using XML Databinding Integration  

NASA Technical Reports Server (NTRS)

This paper discusses the detailed design of an XML databinding framework for aircraft engine simulation. The framework provides an object interface to access and use engine data. while at the same time preserving the meaning of the original data. The Language independent representation of engine component data enables users to move around XML data using HTTP through disparate networks. The application of this framework is demonstrated via a web-based turbofan propulsion system simulation using the World Wide Web (WWW). A Java Servlet based web component architecture is used for rendering XML engine data into HTML format and dealing with input events from the user, which allows users to interact with simulation data from a web browser. The simulation data can also be saved to a local disk for archiving or to restart the simulation at a later time.

Lin, Risheng; Afjeh, Abdollah A.

2003-01-01

292

Dendritic web silicon for solar cell application  

NASA Technical Reports Server (NTRS)

The dendritic web process for growing long thin ribbon crystals of silicon and other semiconductors is described. Growth is initiated from a thin wirelike dendrite seed which is brought into contact with the melt surface. Initially, the seed grows laterally to form a button at the melt surface; when the seed is withdrawn, needlelike dendrites propagate from each end of the button into the melt, and the web portion of the crystal is formed by the solidification of the liquid film supported by the button and the bounding dendrites. Apparatus used for dendritic web growth, material characteristics, and the two distinctly different mechanisms involved in the growth of a single crystal are examined. The performance of solar cells fabricated from dendritic web material is indistinguishable from the performance of cells fabricated from Czochralski grown material.

Seidensticker, R. G.

1977-01-01

293

Streamflow Statistics (StreamStats) Web Application for Ohio.  

National Technical Information Service (NTIS)

A StreamStats Web application was developed for Ohio that implements equations for estimating a variety of streamflow statistics including the 2-, 5-, 10-, 25-, 50-, 100-, and 500-year peak streamflows, mean annual streamflow, mean monthly streamflows, ha...

B. M. Puskas G. F. Koltun S. P. Kula

2006-01-01

294

Automated replay and failure detection for web applications  

Microsoft Academic Search

User-session-based testing of web applications gathers user sessions to create and continually update test suites based on real user input in the field. To support this approach during maintenance and beta testing phases, we have built an au- tomated framework for testing web-based software that fo- cuses on scalability and evolving the test suite automatically as the application's operational profile

Sara Sprenkle; Emily Gibson; Sreedevi Sampath; Lori L. Pollock

2005-01-01

295

An Object Oriented Approach to Web-Based Application Design  

Microsoft Academic Search

In this paper we discuss the use of an object-oriented approach for web-based applications design, based on a method named Object Oriented Hypermedia Design Method (OOHDM). We first motivate our work discussing the problems encountered while designing large scale, dynamic web-based applications, which combine complex navigation patterns with sophisticated computational behavior. We argue that a method providing systematic guidance to

Daniel Schwabe; Gustavo Rossi

296

COEUS: "semantic web in a box" for biomedical applications  

PubMed Central

Background As the “omics” revolution unfolds, the growth in data quantity and diversity is bringing about the need for pioneering bioinformatics software, capable of significantly improving the research workflow. To cope with these computer science demands, biomedical software engineers are adopting emerging semantic web technologies that better suit the life sciences domain. The latter’s complex relationships are easily mapped into semantic web graphs, enabling a superior understanding of collected knowledge. Despite increased awareness of semantic web technologies in bioinformatics, their use is still limited. Results COEUS is a new semantic web framework, aiming at a streamlined application development cycle and following a “semantic web in a box” approach. The framework provides a single package including advanced data integration and triplification tools, base ontologies, a web-oriented engine and a flexible exploration API. Resources can be integrated from heterogeneous sources, including CSV and XML files or SQL and SPARQL query results, and mapped directly to one or more ontologies. Advanced interoperability features include REST services, a SPARQL endpoint and LinkedData publication. These enable the creation of multiple applications for web, desktop or mobile environments, and empower a new knowledge federation layer. Conclusions The platform, targeted at biomedical application developers, provides a complete skeleton ready for rapid application deployment, enhancing the creation of new semantic information systems. COEUS is available as open source at http://bioinformatics.ua.pt/coeus/.

2012-01-01

297

Cloud-enabled Web Applications for Environmental Modelling  

NASA Astrophysics Data System (ADS)

In order to integrate natural and social science, especially in the light of current environmental legislation, efficient management and decision making requires environmental modelling to be easily accessible, portable and flexible. Deploying models as web applications is a feasible solution to some of the above issues. However migrating desktop-based modelling platforms to web based applications is not trivial. The framework in which the models are deployed should comply with worldwide accepted web standards to allow interoperability and ease exchange of information with external sources. Also the chosen models should guarantee a certain degree of flexibility to adapt the modelling exercise to different purposes. In this study we propose an innovative approach to web-modelling, developed as part of the NERC's Environmental Virtual Observatory pilot (EVOp) project for the UK. The proposed approach combines the use of Google Maps APIs to explore available data and the PyWPS implementation of the Open Geospatial Consortium Web Processing Service standard (OGC-WPS) to deploy models implemented in programming languages such as R and Python. As proof-of-concept, a web application was implemented, on the EVOp portal, to assist local communities with local flooding in the Eden catchment in Cumbria (UK). The application simulates the impact of land-use scenarios using the hydrological model Topmodel (Beven and Kirkby, 1979) implemented as a web service using the aforementioned approach. Current developments include the implementation of web applications for diffuse pollution, which adopts the Export Coefficient Model (Jones, 1996), and national flooding which utilises the hydrological model ensemble FUSE (Clark et al., 2008). Topmodel and FUSE are already exposed as stateless OGC-compliant web services. In the future we also aim to produce tools to help manage drought impacts and ecosystem services. The authors would like to thank the valuable contributions of the whole EVOp team.

Vitolo, C.; Buytaert, W.; El-khatib, Y.; Gemmell, A. L.; Reaney, S. M.; Beven, K.

2012-12-01

298

NEWT: A RESTful service for building High Performance Computing web applications  

Microsoft Academic Search

The NERSC Web Toolkit (NEWT) brings High Performance Computing (HPC) to the web through easy to write web applications. Our work seeks to make HPC resources more accessible and useful to scientists who are more comfortable with the web than they are with command line interfaces. The effort required to get a fully functioning web application is decreasing, thanks to

Shreyas Cholia; David Skinner; Joshua Boverhof

2010-01-01

299

75 FR 80091 - Self-Regulatory Organizations; International Securities Exchange, LLC; Notice of Filing of...  

Federal Register 2010, 2011, 2012, 2013

...Uniform Application for Securities Industry Registration...Depository system (``Web CRD'') operated...Uniform Application for Securities Industry Registration...U4'') through Web CRD. \\10\\ An individual...registration available on Web CRD include, but...to, the General Securities...

2010-12-21

300

DBProxy: A dynamic data cache for Web applications  

Microsoft Academic Search

The majority of web pages served today are generated dynamically, usually by an application server querying a back-end database. To enhance the scalability of dynamic content serving in large sites, application servers are of- floaded to front-end nodes, called edge servers. The im- provement from such application offloading is marginal, however, if data is still fetched from the origin database

Khalil Amiri; Sanghyun Park; Renu Tewari; Sriram Padmanabhan

2003-01-01

301

Machine intelligence applications to securities production  

SciTech Connect

The production of security documents provides a cache of interesting problems ranging across a broad spectrum. Some of the problems do not have rigorous scientific solutions available at this time and provide opportunities for less structured approaches such as AI. AI methods can be used in conjunction with traditional scientific and computational methods. The most productive applications of AI occur when this marriage of methods can be carried out without motivation to prove that one method is better than the other. Fields such as ink chemistry and technology, and machine inspection of graphic arts printing offer interesting challenges which will continue to intrigue current and future generations of researchers into the 21st century.

Johnson, C.K.

1987-01-01

302

Network accessible security Web-based camera server system using index search algorithm  

Microsoft Academic Search

Existing analog monitoring camera systems can save and retrieve data only in a limited space within a short distance, and they have many constraints preventing their development in various application systems. However, on the back of the development of network and computer technologies, a monitoring camera system can be controlled from a remote location by a Web browser without space

Mike Myung-Ok Lee; Chil-Woo Lee; Young-Cheol Kim

2001-01-01

303

Remote recordable security Web-based camera server system using index search algorithm  

Microsoft Academic Search

As an existing analog monitoring camera system could save and retrieve data only in a limited space within a short distance, it had many constraints in developing into various application systems. However, on the back of the development of network and computer technologies, a camera monitoring system can be controlled from a remote location by a Web browser without space

Mike Myung-Ok Lee; Chil-Woo Lee

2001-01-01

304

A robust machine code proof framework for highly secure applications  

Microsoft Academic Search

Security-critical applications at the highest Evaluation Assurance Levels (EAL) require formal proofs of correctness in order to achieve certification. To support secure application development at the highest EALs, we have developed techniques to largely automate the process of producing proofs of correctness of machine code. As part of the Secure, High-Assurance Development Environment program, we have produced in ACL2 an

David S. Hardin; Eric W. Smith; William D. Young

2006-01-01

305

Ephemeral Document Clustering for Web Applications  

Microsoft Academic Search

We revisit document clustering in the context of the Web. Specifically, we investigate on-lineephemeral clustering, whereby the input document set is generated dynamically, typically by searchresults, and the output clustering hierarchy has a short life span, and is used for interactive browsingpurposes. Ephemeral clustering for interactive use introduces several new challenges. It requires anefficient algorithm, since clustering is performed on-line.

Yoëlle S. Maarek; Ronald Fagin; Israel Z. Ben-shaul; Dan Pelleg

2000-01-01

306

XML: A Door to Automated Web Applications  

Microsoft Academic Search

In Japanese culture, your meishi conveys your place in the company, even in society, as well as your name, phone number, and e-mail address. That is to say, in Japan, business cards matter. They convey complex metadata about the people who carry them. Like people, Web pages come in an abundance of shapes and sizes (and sounds). What makes them

Rohit Khare; Adam Rifkin

1997-01-01

307

Students as Designers of Semantic Web Applications  

ERIC Educational Resources Information Center

This paper draws upon the experience of an interdisciplinary research group in engaging undergraduate university students in the design and development of semantic web technologies. A flexible approach to participatory design challenged conventional distinctions between "designer" and "user" and allowed students to play a role in developing…

Tracy, Fran; Jordan, Katy

2012-01-01

308

Situational requirements engineering for the development of Content Management System-based web applications  

Microsoft Academic Search

Web applications are evolving towards strong content-centered Web applications. The development processes and implementation of these applications are unlike the development and implementation of traditional information systems. In this paper we propose WebEngineering Method; a method for developing content management system (CMS) based Web applications. Critical to a successful development of CMS-based Web applications, is the adaptation to the dynamic

Jurriaan Souer; Inge Van De Weerd; Johan Versendaal; Sjaak Brinkkemper

2007-01-01

309

On enabling secure applications through off-line biometric identification  

SciTech Connect

In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, the authors study secure off line authenticated user identification schemes based on a biometric system that can measure a user`s biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user`s private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper the authors furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. The authors investigate a new technology which allows a user`s biometrics to facilitate cryptographic mechanisms.

Davida, G.I. [Univ. of Wisconsin, Milwaukee, WI (United States); Frankel, Y. [CertCo LLC, New York, NY (United States); Matt, B.J. [Sandia National Labs., Albuquerque, NM (United States)

1998-04-01

310

The essence of command injection attacks in web applications  

Microsoft Academic Search

Web applications typically interact with a back-end database to re- trieve persistent data and then present the data to the user as dy- namically generated output, such as HTML web pages. However, this interaction is commonly done through a low-level API by dy- namically constructing query strings within a general-purpose pro- gramming language, such as Java. This low-level interaction is

Zhendong Su; Gary Wassermann

2006-01-01

311

Extreme Programming: Rapid Development for Web-Based Applications  

Microsoft Academic Search

As software organizations continue to move toward Web-based systems development, they often assign or outsource such projects to small teams of highly qualified, but often relatively young, developers. Frequently, the developers?? attitude is less than positive toward software engineering practices?aparticularly software process improvement initiatives and metrics collection. Part of the problem is the business context: Web-based applications demand faster time-tomarket

Frank Maurer; Sebastien Martel

2002-01-01

312

The essence of command injection attacks in web applications  

Microsoft Academic Search

Web applications typically interact with a back-end database to retrieve persistent data and then present the data to the user as dynamically generated output, such as HTML web pages. However, this interaction is commonly done through a low-level API by dynamically constructing query strings within a general-purpose programming language, such as Java. This low-level interaction is ad hoc because it

Zhendong Su; Gary Wassermann

2006-01-01

313

Modeling User Interactions for (Fun and) Profit: Preventing Workflow-based Attacks in Web Applications  

Microsoft Academic Search

The goal of a web request forgery attacker is to forge requests for a web application by ma- nipulating its intended workflow. Web applications that fail to enforce the designer-intended interactions are vulnerable to this type of attacks. This paper proposes a systematic method- ology for designing web applications to strictly enforce the designer-intended interaction pat- terns. Our approach captures

Karthick Jayaraman; Grzegorz Lewandowski; Paul G. Talaga; Steve J. Chapin; Munawar Hafiz

314

Aspect Separation in Web Service Orchestration: A Reflective Approach and its Application to Decentralized Execution  

Microsoft Academic Search

Web service orchestration is becoming widely spread for the creation of composite Web services using standard specifications such as BPEL4WS. The myriad of specifications and aspects that should be considered in orchestrated Web services are resulting in increasing complexity. This complexity leads to software infrastructures difficult to maintain with interwoven code involving different aspects such as security, fault tolerance, distribution,

Ricardo Jiménez-peris; Marta Patiño-martínez; Ernestina Martel-jordán; R. Naranjo-izquierdo

2007-01-01

315

Architecting Web Services Applications for Improving Availability  

Microsoft Academic Search

\\u000a In this paper, we address the problem of improving the availability and correctness of Web Services. An architectural approach\\u000a is proposed that incorporates fault-tolerant techniques, such as, self-checking, comparison, and dynamic reconfiguration.\\u000a The first two techniques are associated with the detection and handling of faults at the component level, while the latter\\u000a is associated with the system. To demonstrate its

Rogério De Lemos

2004-01-01

316

Priority Mechanisms for OLTP and Transactional Web Applications  

Microsoft Academic Search

Transactional workloads are a hallmark of modern OLTP and Web applications, ranging from electronic com- merce and banking to online shopping. Often, the database at the core of these applications is the performance bottle- neck. Given the limited resources available to the database , transaction execution times can vary wildly as they compete and wait for critical resources. As the

David T. Mcwherter; Bianca Schroeder; Anastassia Ailamaki; Mor Harchol-balter

2004-01-01

317

Conceptual Modeling of Data-Intensive Web Applications  

Microsoft Academic Search

Many of the Web applications around us are data-intensive; this term indicates applications whose main purpose is presenting large amount of data to their users. Most of the sites for on-line trading or e-commerce are data-intensive, as well as most \\

Stefano Ceri; Piero Fraternali; Maristella Matera

2002-01-01

318

Scriptable web applications as first-class citizens  

Microsoft Academic Search

Mashups that combine data from numerous web sites into an integrated experience have rapidly become state-of-the-practice way to develop new compelling applications. However, their use has been somewhat restricted, since it is common that such applications can only be run inside the browser, not in a fashion where they would be directly associated with operating system concepts. Consequently their access

Tommi Mikkonen; Mikko Terho; Mikko Kuusipalo; Pekka Reijula

2011-01-01

319

Communicating Health Risks under Pressure: Homeland Security Applications  

SciTech Connect

The U.S. Environmental Protection Agency's (EPA) Office of Research and Development (ORD) Threat and Consequence Assessment Division (TCAD) within the National Homeland Security Research Center (NHSRC) has developed a tool for rapid communication of health risks and likelihood of exposure in preparation for terrorist incidents. The Emergency Consequence Assessment Tool (ECAT) is a secure web-based tool designed to make risk assessment and consequence management faster and easier for high priority terrorist threat scenarios. ECAT has been designed to function as 'defensive play-book' for health advisors, first responders, and decision-makers by presenting a series of evaluation templates for priority scenarios that can be modified for site-specific applications. Perhaps most importantly, the risk communication aspect is considered prior to an actual release event, so that management or legal advisors can concur on general risk communication content in preparation for press releases that can be anticipated in case of an actual emergency. ECAT serves as a one-stop source of information for retrieving toxicological properties for agents of concern, estimating exposure to these agents, characterizing health risks, and determining what actions need to be undertaken to mitigate the risks. ECAT has the capability to be used at a command post where inputs can be checked and communicated while the response continues in real time. This front-end planning is intended to fill the gap most commonly identified during tabletop exercises: a need for concise, timely, and informative risk communication to all parties. Training and customization of existing chemical and biological release scenarios with modeling of exposure to air and water, along with custom risk communication 'messages' intended for public, press, shareholders, and other partners enable more effective communication during times of crisis. For DOE, the ECAT could serve as a prototype that would be amenable to customization to include radioactive waste management or responses to catastrophic releases of radioactive material due to terrorist actions. (authors)

Garrahan, K.G. [EPA National Homeland Security Research Center, 1200 Pennsylvania Ave NW, Washington, DC 20460 (United States); Collie, S.L. [Tetra Tech, 350 N. St. Paul, Suite 2600, Dallas TX 75201 (United States)

2006-07-01

320

Ultra Lightweight Web Applications: A Single-Page Wiki employing a Partial Ajax Solution  

Microsoft Academic Search

The overloaded term Web 2.0 web site usually connotes an interactive web application that offers features normally associated with free-standing applications running directly under the control of an operating system. Such an interactive web applications, also known as a rich internet application (RIA), run within web browsers and must download XHTML and client-side scripts to control user interactivity. Via a

Michael J Rees

2006-01-01

321

Web services in the U.S. geological survey streamstats web application  

USGS Publications Warehouse

StreamStats is a U.S. Geological Survey Web-based GIS application developed as a tool for waterresources planning and management, engineering design, and other applications. StreamStats' primary functionality allows users to obtain drainage-basin boundaries, basin characteristics, and streamflow statistics for gaged and ungaged sites. Recently, Web services have been developed that provide the capability to remote users and applications to access comprehensive GIS tools that are available in StreamStats, including delineating drainage-basin boundaries, computing basin characteristics, estimating streamflow statistics for user-selected locations, and determining point features that coincide with a National Hydrography Dataset (NHD) reach address. For the state of Kentucky, a web service also has been developed that provides users the ability to estimate daily time series of drainage-basin average values of daily precipitation and temperature. The use of web services allows the user to take full advantage of the datasets and processes behind the Stream Stats application without having to develop and maintain them. ?? 2009 IEEE.

Guthrie, J. D.; Dartiguenave, C.; Ries, III, K. G.

2009-01-01

322

WebComposition Service Linking System: Supporting development, federation and evolution of service-oriented Web applications  

Microsoft Academic Search

There exists a need within many large organizations and their partners to operate cross-organizational Web applications. This paper introduces the WebComposition Service Linking System (WSLS), a component -based and service- oriented system which makes extensive use of Web Services and other standardized Internet technology in order to support development, maintenance and management of reusable and configurable components for cross-organizational Web

Martin Gaedke; Martin Nussbaumer; Emma Tonkin

2003-01-01

323

Testing and assessing web vulnerability scanners for persistent SQL injection attacks  

Microsoft Academic Search

Web application security scanners are automated tools used to detect security vulnerabilities in web applications. Recent research has shown that detecting persistent SQL injection vulnerabilities, one of the most critical web application vulnerabilities, is a major challenge for black-box scanners. In this paper, we evaluate three state of art black-box scanners that support detecting persistent SQL injection vulnerabilities. We developed

Nidal Khoury; Pavol Zavarsky; Dale Lindskog; Ron Ruhl

2011-01-01

324

Imaging terahertz radar for security applications  

NASA Astrophysics Data System (ADS)

Detection of concealed threats is a key issue in public security. In short range applications, passive imagers operating at millimeter wavelengths fulfill this task. However, for larger distances, they will suffer from limited spatial resolution. We will describe the design and performance of 0.8-THz imaging radar that is capable to detect concealed objects at a distance of more than 20 meter. The radar highlights the target with the built-in cw transmitter and analyses the returned signal making use of a heterodyne receiver with a single superconducting hot-electron bolometric mixer. With an integration time of 0.3 sec, the receiver distinguishes a temperature difference of 2 K at the 20 m distance. Both the transmitter and the receiver use the same modified Gregorian telescope consisting from two offset elliptic mirrors. The primary mirror defines limits the lateral resolution of the radar to 2 cm at 20 m distance. At this distance, the field of view of the radar has the diameter 0.5 m. It is sampled with a high-speed conical scanner that allows for a frame time less than 5 sec. The transmitter delivers to the target power with a density less than ten microwatt per squared centimeter, which is harmless for human beings. The radar implements a sensor fusion technique that greatly improves the ability to identify concealed objects.

Semenov, Alexei; Richter, Heiko; Böttger, Ute; Hübers, Heinz-Wilhelm

2008-05-01

325

High average current betatrons for industrial and security applications  

Microsoft Academic Search

The fixed-field alternating-gradient (FFAG) betatron has emerged as a viable alternative to RF linacs as a source of high-energy radiation for industrial and security applications. For industrial applications, high average currents at modest relativistic electron beam energies, typically in the 5 to 10 MeV range, are desired for medical product sterilization, food irradiation and materials processing. For security applications, high

S. Boucher; R. Agustsson; P. Frigola; A. Murokh; M. Ruelas; F. O'Shea; J. Rosenzweig; G. Travish

2007-01-01

326

Web Services Provide Access to SCEC Scientific Research Application Software  

NASA Astrophysics Data System (ADS)

Web services offer scientific communities a new paradigm for sharing research codes and communicating results. While there are formal technical definitions of what constitutes a web service, for a user community such as the Southern California Earthquake Center (SCEC), we may conceptually consider a web service to be functionality provided on-demand by an application which is run on a remote computer located elsewhere on the Internet. The value of a web service is that it can (1) run a scientific code without the user needing to install and learn the intricacies of running the code; (2) provide the technical framework which allows a user's computer to talk to the remote computer which performs the service; (3) provide the computational resources to run the code; and (4) bundle several analysis steps and provide the end results in digital or (post-processed) graphical form. Within an NSF-sponsored ITR project coordinated by SCEC, we are constructing web services using architectural protocols and programming languages (e.g., Java). However, because the SCEC community has a rich pool of scientific research software (written in traditional languages such as C and FORTRAN), we also emphasize making existing scientific codes available by constructing web service frameworks which wrap around and directly run these codes. In doing so we attempt to broaden community usage of these codes. Web service wrapping of a scientific code can be done using a "web servlet" construction or by using a SOAP/WSDL-based framework. This latter approach is widely adopted in IT circles although it is subject to rapid evolution. Our wrapping framework attempts to "honor" the original codes with as little modification as is possible. For versatility we identify three methods of user access: (A) a web-based GUI (written in HTML and/or Java applets); (B) a Linux/OSX/UNIX command line "initiator" utility (shell-scriptable); and (C) direct access from within any Java application (and with the correct API interface from within C++ and/or C/Fortran). This poster presentation will provide descriptions of the following selected web services and their origin as scientific application codes: 3D community velocity models for Southern California, geocoordinate conversions (latitude/longitude to UTM), execution of GMT graphical scripts, data format conversions (Gocad to Matlab format), and implementation of Seismic Hazard Analysis application programs that calculate hazard curve and hazard map data sets.

Gupta, N.; Gupta, V.; Okaya, D.; Kamb, L.; Maechling, P.

2003-12-01

327

Design of Policy-Based Security Mechanisms in a Distributed Web Services Architecture  

Microsoft Academic Search

\\u000a In the recent years, modern complex infrastructures are built on integration and cooperation of legacy and\\/or new systems;\\u000a the emerging technology, to primary face the involved interoperability problems, is based on web service solutions. It is\\u000a based on open standards and common data formats which allow a deep cooperation among Entities and applications and guarantee\\u000a strong resource sharing. In such

Valentina Casola; Antonino Mazzeo; Nicola Mazzocca; Salvatore Venticinque

2004-01-01

328

Security and Vulnerability  

Microsoft Academic Search

\\u000a Part of being a competent web application developer is having a solid awareness of web security issues at the level of HTTP\\u000a requests and responses. All web applications are potentially vulnerable to a familiar set of attacks—such as cross-site scripting\\u000a (XSS), cross-site request forgery (CSRF), and SQL injection—but we can mitigate each of these types of attacks by understanding\\u000a them

Adam Freeman; Steven Sanderson

329

The security system analyzer: An application of the Prolog language  

Microsoft Academic Search

The Prolog programming language and entity-relationship modeling techniques were used to demonstrate a methodology for security system applications. A knowledge base was built that consists of statements modeling a generic building and surrounding area, including security fences and intrusion detectors (sensors and TV cameras). Declarative Prolog statements have the capability to use the knowledge base information in a routine manner

B. D. Zimmerman; S. E. Seeman

1986-01-01

330

Conditional Access in Mobile Systems: Securing the Application  

Microsoft Academic Search

This paper describes two protocols for the secure download of content protection software to mobile devices. The protocols apply concepts from trusted computing to demonstrate that a platform is in a sufficiently trustworthy state before any application or associated keys are securely downloaded. The protocols are designed to allow mobile devices to receive broadcast content protected by proprietary conditional access

Eimear Gallery; Allan Tomlinson

2005-01-01

331

Secure applications of RSA system in the electronic commerce  

Microsoft Academic Search

RSA is one of the best secure algorithms till now. This paper describes the encryption decryption as well as digital signature using the RSA system, discusses the secure applications of RSA in the E-Commerce as well as the rapid realization and the improvement of RSA.

Liu Dong-liang; Chen Yan-ping; Zhang Huai-ping

2010-01-01

332

Automating regression testing using web-based application similarities  

Microsoft Academic Search

Web-based applications are one of the most widely used types of software, and have become the backbone of many e-commerce\\u000a and communications businesses. These applications are often mission-critical for many organizations, motivating their precise\\u000a validation. Although regression testing has been widely used to gain confidence in the reliability of software by providing\\u000a information about the quality of an application, it

Kinga Dobolyi; Elizabeth Soechting; Westley Weimer

2011-01-01

333

Applying Concept Analysis to User-Session-Based Testing of Web Applications  

Microsoft Academic Search

The continuous use of the Web for daily operations by businesses, consumers, and the government has created a great demand for reliable Web applications. One promising approach to testing the functionality of Web applications leverages the user- session data collected by Web servers. User-session-based testing automatically generates test cases based on real user profiles. The key contribution of this paper

Sreedevi Sampath; Sara Sprenkle; Emily Gibson; Lori L. Pollock; Amie Souter Greenwald

2007-01-01

334

Scalable Approach to User-Session based Testing of Web Applications through Concept Analysis  

Microsoft Academic Search

The continuous use of the web for daily operations by businesses, consumers, and government has created a great demand for reliable web applications. One promising ap- proach to testing the functionality of web applications lever- ages user session data collected by web servers. This ap- proach automatically generates test cases based on real user profiles. The key contribution of this

Sreedevi Sampath; Valentin Mihaylov; Amie L. Souter; Lori L. Pollock

2004-01-01

335

Model-driven design and deployment of service-enabled web applications  

Microsoft Academic Search

Significant effort is currently invested in application integration, enabling business processes of different companies to interact and form complex multiparty processes. Web service standards, based on WSDL (Web Service Definition Language), have been adopted as process-to-process communication paradigms. However, the conceptual modeling of applications using Web services has not yet been addressed. Interaction with Web services is often specified at

Ioana Manolescu; Marco Brambilla; Stefano Ceri; Sara Comai; Piero Fraternali

2005-01-01

336

75 FR 63884 - Self-Regulatory Organizations; Municipal Securities Rulemaking Board; Order Approving Proposed...  

Federal Register 2010, 2011, 2012, 2013

...regarding municipal securities to the MSRB...dissemination on the EMMA Web site, the EMMA...applicable municipal security otherwise displayed on the EMMA Web site. Currently...the EMMA public Web site would offer...investors in municipal securities given the...

2010-10-18

337

Performance Analysis of Web Applications Based on User Navigation  

NASA Astrophysics Data System (ADS)

This paper proposes a method to conduct performance eanalysis of web applications. The behavior model is firstly built from log file after user navigation, then an extended state diagram is extracted from this log file, finally multiple Markov model is cooperated to this state diagram and the performance analysis can be obtained from the Markov model. Five indexes are used to measure the performance and they are: service response time, service path length, service utilization, service implementation rate and access error rate. Our performance analysis result will provide a suggestion to improve the design of web applications and optimize the services. A case study of Zhejiang Chess web site has been used to demonstrate the advantage of our method.

Zhou, Quanshu; Ye, Hairong; Ding, Zuohua

338

Framework for Supporting Web-Based Collaborative Applications  

NASA Astrophysics Data System (ADS)

The article proposes an intelligent framework for supporting Web-based applications. The framework focuses on innovative use of existing resources and technologies in the form of services and takes the leverage of theoretical foundation of services science and the research from services computing. The main focus of the framework is to deliver benefits to users with various roles such as service requesters, service providers, and business owners to maximize their productivity when engaging with each other via the Web. The article opens up with research motivations and questions, analyses the existing state of research in the field, and describes the approach in implementing the proposed framework. Finally, an e-health application is discussed to evaluate the effectiveness of the framework where participants such as general practitioners (GPs), patients, and health-care workers collaborate via the Web.

Dai, Wei

339

Implementing a secure client/server application.  

National Technical Information Service (NTIS)

There is an increasing rise in attacks and security breaches on computer systems. Particularly vulnerable are systems that exchange user names and passwords directly across a network without encryption. These kinds of systems include many commercial-off-t...

B. A. Kissinger

1994-01-01

340

Application of models in information security management  

Microsoft Academic Search

The impact of information technology on business operations is widely recognized and its role in the emergence of new business models is well-known. In order to leverage the benefits of IT-supported business processes the security of the underlying information systems must be managed. Various so- called best-practice models and information security standards have positioned themselves as generic solutions for a

Danijel Milicevic; Matthias Goeken

2011-01-01

341

Web service driven integration platform for industrial maintenance oriented applications  

Microsoft Academic Search

This account presents the architecture and the basic operation principle of an integration platform which constitutes the framework of the system implementing the task of remote maintenance for the large and medium scale industrial installation. The system based on the technology of Web services is an example of the vertical integration of domain specific applications

J. Szymanski; M. Thron; J.-P. Thomesse; X. Rebeuf; C. Lang

2004-01-01

342

Web-based application development: a software engineering approach  

Microsoft Academic Search

In contrast to the construction of centralised software systems which relies on a well established approach, there is a lack of a proven methodology that guides software engineers in building web-based applications. The focus is still on technology rather than analysis and design issues. However, just as the focus in software engineering shifted from programming to process thirty years ago,

Said Hadjerrouit

2001-01-01

343

Web Based Application for Distributed Remote Measurement Viewing  

Microsoft Academic Search

The paper discusses web based application for distributed automation. Realization is made over three-layer distributed model. XML table driven communication model is used for heterogeneous connection of different parts of the system. Functionality of the model is delegated and distributed among servers and embedded systems. Majority features of realization, concerning scalability, flexibility, distribution, collecting and delegating of functionality, reliability and

Ivan Stankov; Grisha Spasov

344

Advanced Web Programming for Scientific and Educational Applications  

Microsoft Academic Search

The Center for Advanced Educational Technology at the University of Tennessee is involved extensively in the development of state-of-the-art technology for scientific web sites, accessible and portable scientific visualization, and networked databases for scientific educational applications. These are being developed using primarily Flash Actionscript, Java, and cascading style sheets on the client side, PHP and Java middleware, and SQL databases.

Brett Petrusek; Reuben Budiardja; Mike Guidry

2004-01-01

345

KnittingFactory: An Infrastructure for Distributed Web Applications.  

National Technical Information Service (NTIS)

While Java and applets have created a new perspective for Web applications some problems are still unsolved. Among these are the question of how Java applets can find other members of the collaboration session. how to deal with the restrictions imposed by...

A. Baratloo M. Karaul H. Karl Z. M. Kedem

1997-01-01

346

Adaptive admission control for web applications with variable capacity  

Microsoft Academic Search

The system capacity available to a multi-tier Web based application is often a dynamic quantity. Most static threshold-based overload control mechanisms are best suited to situations where the system's capacity is constant or the bottleneck resource is known. However, with varying capacity, the admission control mechanism needs to adapt dynamically. We propose and implement an adaptive admission control mechanism that

Vipul Mathur; Preetam Patil; Varsha Apte; Kannan M. Moudgalya

2009-01-01

347

Building Application Ontologies from Descriptions of Semantic Web Services  

Microsoft Academic Search

Different ontologies used in semantic web services fields raise numerous interoperation and communication problems with respect to service discovery, composition, and execution. The current approaches for ontology mediation often failed due to their lack of sufficient semantic expressiveness and reasoning capability. In this paper1, we present a novel approach allowing ontologies to provide self-contained semantics for service applications. We show

Xia Wang; Tomas Vitvar; Manfred Hauswirth; Doug Foxvog

2007-01-01

348

Construction of the System Dependence Graph for Web Application Slicing  

Microsoft Academic Search

Abstract The computation of program slices on Web applications may be useful during debugging, when the amount of code to be inspected can be reduced, and during understanding, since the search for a given functionality can be better fo- cused. The system dependence graph is an appropriate data structure for slice computation, in that it explicitly repre- sents all dependences

Filippo Ricca; Paolo Tonella

2002-01-01

349

Web Application Slicing in Presence of Dynamic Code Generation  

Microsoft Academic Search

The computation of program slices on Web applications may be useful during debugging, when the amount of code to be inspected can be reduced, and during understanding, since the search for a given functionality can be better focused. The system dependence graph is an appropriate data structure for slice computation, in that it explicitly represents all dependences that have to

Paolo Tonella; Filippo Ricca

2005-01-01

350

Web-based electronic patient records for collaborative medical applications.  

PubMed

We developed a web-based system to interactively display electronic patient records (EPR), such as DICOM images, graphics, and structure reports and therapy records, for intranet and internet collaborative medical applications. This system has three major components, a C/S (client/server) architecture for EPR data acquisition and authoring, and a Web B/S architecture for data delivering. The Web viewer of this system integrates multi-media display modules and remote control module together to provide interactive EPR display and manipulation functions for collaborative applications. We have successfully used this system two times to provide teleconsultation for severe acute respiratory syndrome (SARS) patients in Shanghai Infection Hospital and Xinhua Hospital. During the consultation, both the physicians in infection control area and the experts outside the control area could use this system interactively to manipulate and navigate the EPR objects of the SARS patients to facilitate a more precise diagnosis. This paper gives a new approach to create and manage image-based EPR from actual patient records, and also presents a novel method to use Web technology and DICOM standard to build an open architecture for collaborative medical applications. The system can be used for both intranet and internet medical applications such as tele-diagnosis, teleconsultation, and distant learning. PMID:15755531

Zhang, Jianguo; Sun, Jianyong; Yang, Yuanyuan; Chen, Xiaomeng; Meng, Lili; Lian, Ping

2005-01-01

351

Design and Implementation of a Web Application Automation Testing Framework  

Microsoft Academic Search

In this paper the problems in the automation testing of GUI based Web applications are discussed. A new automation testing framework based on the concept of object feature set and dynamic searching policy is proposed. The design and implementation of it are both given. The framework working using result shows that it makes the testing more convenient and efficient with

Wandan Zeng; Ningkang Jiang; Xubo Zhou

2009-01-01

352

Exploiting conceptual modeling for web application quality evaluation  

Microsoft Academic Search

This paper presents an approach and a toolset for exploiting the benefits of conceptual modeling in the quality evaluation tasks that take place both before the deployment and during the operational life of a Web application. The full version of the paper is available as a technical report at the address: http:\\/\\/www.elet.polimi.it\\/upload\\/fraterna\\/FLMM2004.pdf.

Piero Fraternali; Pier Luca Lanzi; Maristella Matera; Andrea Maurino

2004-01-01

353

Level of Detail Concepts in Data-Intensive Web Applications  

Microsoft Academic Search

Current data-intensive Web applications, such as on-line trading, e- commerce, corporate portals and so on, are becoming more and more complex, both in terms of density of information and in terms of navigational paths. At this aim different techniques have been proposed in literature for optimizing the information to be shown to the user. In this paper we present a

Sara Comai

2005-01-01

354

77 FR 4841 - BOX Options Exchange LLC; Notice of Filing of Application, as Amended, for Registration as a...  

Federal Register 2010, 2011, 2012, 2013

...a Form 1 application under the Securities Exchange Act...its Form 1 application. See Securities Exchange Act...Secretary, Securities and Exchange...Commission's Internet Web site (http...Applicant's Form 1 applications filed...

2012-01-31

355

Neutron Detection Alternatives to 3He for National Security Applications  

SciTech Connect

One of the main uses for 3He is in gas proportional counters for neutron detection. Large radiation detection systems deployed for homeland security and proliferation detection applications use such systems. Due to the large increase in use of 3He for homeland security and basic research, the supply has dwindled, and can no longer meet the demand. This has led to the search for an alternative technology to replace the use of 3He-based neutron detectors. In this paper, we review the testing of currently commercially available alternative technologies for neutron detection in large systems used in various national security applications.

Kouzes, Richard T.; Ely, James H.; Erikson, Luke E.; Kernan, Warnick J.; Lintereur, Azaree T.; Siciliano, Edward R.; Stephens, Daniel L.; Stromswold, David C.; Van Ginhoven, Renee M.; Woodring, Mitchell L.

2010-11-21

356

Creating HTML5 Offline Web Applications  

Microsoft Academic Search

\\u000a In this chapter, we will explore what you can do with offline HTML5 applications. HTML5 applications do not necessarily require\\u000a constant access to the network, and loading cached resources can now be more flexibly controlled by developers.

Peter Lubbers; Brian Albers; Frank Salim

357

Advanced Web Programming for Scientific and Educational Applications  

NASA Astrophysics Data System (ADS)

The Center for Advanced Educational Technology at the University of Tennessee is involved extensively in the development of state-of-the-art technology for scientific web sites, accessible and portable scientific visualization, and networked databases for scientific educational applications. These are being developed using primarily Flash Actionscript, Java, and cascading style sheets on the client side, PHP and Java middleware, and SQL databases. We shall present a variety of application examples in astronomy, astrophysics, and physics.

Petrusek, Brett; Budiardja, Reuben; Guidry, Mike

2004-11-01

358

An Object Oriented Approach to Web-Based Applications Design  

Microsoft Academic Search

In this paper we discuss the use of an object-oriented approach forweb-based applications design, based on a method named Object OrientedHypermedia Design Method (OOHDM).We first motivate our work discussing the problems encounteredwhile designing large scale, dynamic web-based applications, which combinecomplex navigation patterns with sophisticated computational behavior. Weargue that a method providing systematic guidance to design is needed. Next,we introduce OOHDM,

Daniel Schwabe; Gustavo Rossi

1998-01-01

359

A Semantic Sensor Web for Environmental Decision Support Applications  

PubMed Central

Sensing devices are increasingly being deployed to monitor the physical world around us. One class of application for which sensor data is pertinent is environmental decision support systems, e.g., flood emergency response. For these applications, the sensor readings need to be put in context by integrating them with other sources of data about the surrounding environment. Traditional systems for predicting and detecting floods rely on methods that need significant human resources. In this paper we describe a semantic sensor web architecture for integrating multiple heterogeneous datasets, including live and historic sensor data, databases, and map layers. The architecture provides mechanisms for discovering datasets, defining integrated views over them, continuously receiving data in real-time, and visualising on screen and interacting with the data. Our approach makes extensive use of web service standards for querying and accessing data, and semantic technologies to discover and integrate datasets. We demonstrate the use of our semantic sensor web architecture in the context of a flood response planning web application that uses data from sensor networks monitoring the sea-state around the coast of England.

Gray, Alasdair J. G.; Sadler, Jason; Kit, Oles; Kyzirakos, Kostis; Karpathiotakis, Manos; Calbimonte, Jean-Paul; Page, Kevin; Garcia-Castro, Raul; Frazer, Alex; Galpin, Ixent; Fernandes, Alvaro A. A.; Paton, Norman W.; Corcho, Oscar; Koubarakis, Manolis; De Roure, David; Martinez, Kirk; Gomez-Perez, Asuncion

2011-01-01

360

Web Application Development Lifecycle for Small Medium-Sized Enterprises (SMEs) (Short Paper)  

Microsoft Academic Search

Software engineering has proven to be very important for standard software development. But, can Web applications be engineered as well? Currently, J2EE, Apache\\/Perl\\/PDP\\/MySQL and .NET have been universally accepted as Web application development technology, but there is no universal accepted methodology for Web application development process. Web application needs to be engineered by moving focus from technology to process. In

Wei Huang; Ru Li; Carsten Maple; Hongji Yang; David Foskett; Vince Cleaver

2008-01-01

361

Poster: DIEGO: a fine-grained access control for web browsers  

Microsoft Academic Search

Modern web applications combine content from several sources (with varying security characteristics), and incorporate significant portion of user-supplied contents to enrich browsing experience. However, the de facto web protection model, the same-origin policy (SOP), has not adequately evolved to manage the security consequences of this additional complexity. As a result, making web applications subject to a broad sphere of attacks

Ashar Javed

2011-01-01

362

Application of WebGIS in CATV basic network  

NASA Astrophysics Data System (ADS)

This paper analyzes the necessity of the application of WebGIS in CATV basic network. There was almost no research in using WebGIS to manage CATV basic network data in China. This paper briefly introduces how to construct an integrated transaction management system of CATV basic network based on WebGIS, and it forms a database of pivotal points, lines and buildings. CATV basic network based on WebGIS has very great superiority to traditional GIS, anybody can visit the system in anyplace by wired or wireless connection. Therefore it can satisfy the managers who want to query information about network, equipment and customers or response on. In this way the routine network and equipment maintenance becomes easily and fleetly. But WebGIS also has bottle-necks such as vector graphic editing. The editing of vector graphic and attribute play important roles in GIS, especially in CATV basic network management, because equipment, cable and fiber-optic change frequently. This paper develops Zhejiang Jiangshan broadcasting and TV station geographic information system on the basis of ArcIMS platform, and making use of the capability of reading and writing spatial data of ArcSDE to solve vector graphic editing problem.

Li, Zhao; Liu, Nan; Liu, Renyi; Bao, Weizheng

2006-10-01

363

Specification and Verification of Web Applications in Rewriting Logic  

NASA Astrophysics Data System (ADS)

This paper presents a Rewriting Logic framework that formalizes the interactions between Web servers and Web browsers through a communicating protocol abstracting HTTP. The proposed framework includes a scripting language that is powerful enough to model the dynamics of complex Web applications by encompassing the main features of the most popular Web scripting languages (e.g. PHP, ASP, Java Servlets). We also provide a detailed characterization of browser actions (e.g. forward/backward navigation, page refresh, and new window/tab openings) via rewrite rules, and show how our models can be naturally model-checked by using the Linear Temporal Logic of Rewriting (LTLR), which is a Linear Temporal Logic specifically designed for model-checking rewrite theories. Our formalization is particularly suitable for verification purposes, since it allows one to perform in-depth analyses of many subtle aspects related to Web interaction. Finally, the framework has been completely implemented in Maude, and we report on some successful experiments that we conducted by using the Maude LTLR model-checker.

Alpuente, María; Ballis, Demis; Romero, Daniel

364

On certifying mobile code for secure applications  

Microsoft Academic Search

Summary form only given. The security issues in mobile code arise from the fact that someone else's program is running on your machine often without your knowledge and approval, often without controls on its privileges, and often without knowledge for how trustworthy that program is. Several different approaches have emerged for providing some assurance against malicious behavior. Javasoft implemented a

A. K. Ghosh

1998-01-01

365

Simple 3-D applications in web service  

NASA Astrophysics Data System (ADS)

This paper describes methods of online translation of text files into a visually more intuitive 3-D format. Relatively simple text files are used as examples here, but the approach described can easily be extended to more complicated tasks. Java Servlet Pages (JSP) dynamic homepage technology is used to provide online access and data processing. Different processing methods are used by the example applications.

Zhang, Jie; John, Nigel W.

2002-07-01

366

Harnessing Web-Based Application Similarities to Aid in Regression Testing  

Microsoft Academic Search

Web-based applications are growing in complexity and criticality, increasing the need for their precise validation. Regression testing is an established approach for providing information about the quality of an application in the face of recurring updates that dominate the web. We present techniques to address a key challenge of the automated regression testing of web-based applications. Innocuous program evolutions often

Kinga Dobolyi; Westley Weimer

2009-01-01

367

SLA-Driven Dynamic Resource Management for Multi-tier Web Applications in a Cloud  

Microsoft Academic Search

Current service-level agreements (SLAs) offered by cloud providers do not make guarantees about response time of Web applications hosted on the cloud. Satisfying a maximum average response time guarantee for Web applications is difficult due to unpredictable traffic patterns. The complex nature of multi-tier Web applications increases the difficulty of identifying bottlenecks and resolving them automatically. It may be possible

Waheed Iqbal; Matthew N. Dailey; David Carrera

2010-01-01

368

An Automated Test Code Generation Method for Web Applications using Activity Oriented Approach  

Microsoft Academic Search

Automated tests are important for Web applications as they grow more complex day by day. Web application testing frameworks have emerged to help satisfy this need. However, used without a model that is designed for system evolution and realization, maintaining test code becomes cumbersome and inefficient. This paper describes an activity oriented approach to engineer automated tests for web applications

David A. Turner; Jaehwan Kim; Jinseok Chae

2008-01-01

369

TOKEN: Trustable Keystroke-Based Authentication for Web-Based Applications on Smartphones  

NASA Astrophysics Data System (ADS)

Smartphones are increasingly being used to store personal information as well as to access sensitive data from the Internet and the cloud. Establishment of the identity of a user requesting information from smartphones is a prerequisite for secure systems in such scenarios. In the past, keystroke-based user identification has been successfully deployed on production-level mobile devices to mitigate the risks associated with naïve username/password based authentication. However, these approaches have two major limitations: they are not applicable to services where authentication occurs outside the domain of the mobile device - such as web-based services; and they often overly tax the limited computational capabilities of mobile devices. In this paper, we propose a protocol for keystroke dynamics analysis which allows web-based applications to make use of remote attestation and delegated keystroke analysis. The end result is an efficient keystroke-based user identification mechanism that strengthens traditional password protected services while mitigating the risks of user profiling by collaborating malicious web services.

Nauman, Mohammad; Ali, Tamleek

370

Advanced 3D Visualization Web Technology and its Use in Military and Intelligence Applications.  

National Technical Information Service (NTIS)

Web technologies achieved significant improvements in last years, but many application areas are not yet Web-impacted. Upcoming software products enhance feature sets of Web browsers and make it possible to use systems based on new Web technologies as adv...

D. Toman A. Kos

2002-01-01

371

Web application security in a crossing boundaries grid system  

Microsoft Academic Search

The grid problem is how to enable coordinated resources sharing and problem solving in dynamic, multi-institutional cross organizations called Virtual Organizations (VOs) that collect a large number of nodes grouped into grid sites. An overlay of policies governs access within a collaboration that is granted to users by a VO and by a site to VOs, nodes and users through

Serena Pastore

2007-01-01

372

Privacy, Security and Interoperability of Mobile Health Applications  

Microsoft Academic Search

\\u000a This paper will discuss the security, privacy and interoperability of mobile health applications (MHAs) and how these issues\\u000a must be reconciled in order for MHA devices to be implemented in the most robust fashion. Balance is needed between privacy\\u000a and accessibility, between security and interoperability and between flexibility and standardization. The interoperability\\u000a of diverse MHA devices must be a goal

Josette F. Jones; Sara A. Hook; Seong C. Park; LaSha M. Scott

373

Accessing multimedia content from mobile applications using semantic web technologies  

NASA Astrophysics Data System (ADS)

We describe the ideas and results of an applied research project that aims at leveraging the expressive power of semantic web technologies as a server-side backend for mobile applications that provide access to location and multimedia data and allow for a rich user experience in mobile scenarios, ranging from city and museum guides to multimedia enhancements of any kind of narrative content, including e-book applications. In particular, we will outline a reusable software architecture for both server-side functionality and native mobile platforms that is aimed at significantly decreasing the effort required for developing particular applications of that kind.

Kreutel, Jörn; Gerlach, Andrea; Klekamp, Stefanie; Schulz, Kristin

2014-02-01

374

Collaborative Knowledge Discovery & Marshalling for Intelligence & Security Applications  

SciTech Connect

This paper discusses the Knowledge Encapsulation Framework, a flexible, extensible evidence-marshalling environment built upon a natural language processing pipeline and exposed to users via an open-source semantic wiki. We focus our discussion on applications of the framework to intelligence and security applications, specifically, an instantiation of the KEF environment for researching illicit trafficking in nuclear materials.

Cowell, Andrew J.; Jensen, Russell S.; Gregory, Michelle L.; Ellis, Peter C.; Fligg, Alan K.; McGrath, Liam R.; O'Hara, Kelly A.; Bell, Eric B.

2010-05-24

375

Securing context-aware applications using environment roles  

Microsoft Academic Search

In the future, a largely invisible and ubiquitous computing infrastructure will assist people with a variety of activities in the home and at work. The applications that will be deployed in such systems will create and manipulate private information and will provide access to a variety of other resources. Securing such applications is challenging for a number of reasons. Unlike

Michael J. Covington; Wende Long; Srividhya Srinivasan; Anind K. Dev; Mustaque Ahamad

2001-01-01

376

Securing a Remote Terminal Application with a Mobile Trusted Device  

Microsoft Academic Search

Many real-world applications use credentials such as passwords as means of user authentication. When accessed from untrusted public terminals, such applications are vul- nerable to credential sniffing attacks, as shown by recent highly publicized compromises (20). In this paper, we describe a secure remote terminal ap- plication that allows users possessing a trusted device to delegate their credentials for performing

Alina Oprea; Dirk Balfanz; Glenn Durfee; Diana K. Smetters

2004-01-01

377

Integration Testing of Web Applications and Databases Using TTCN-3  

NASA Astrophysics Data System (ADS)

Traditional approaches to integration testing typically use a variety of different test tools (such as HTTPUnit, Junit, DBUnit) and manage data in a variety of formats (HTML, Java, SQL) in order to verify web application state at different points in the architecture of a web application. Managing test campaigns across these different tools and correlating intermediate results in different formats is a difficult problem which we address in this paper. In particular, the major contribution of this paper is to demonstrate that a specification-based approach to integration testing enables one to define integration test campaigns more succinctly and efficiently in a single language/tool and correlate intermediate results in a single data format. We also evaluate the effectiveness of TTCN-3 (a standards-based test specification language and framework) in supporting such an approach.

Stepien, Bernard; Peyton, Liam

378

BOF4WSS: A Business-Oriented Framework for Enhancing Web Services Security for e-Business  

Microsoft Academic Search

Abstract When considering,Web services’ (WS) use for online business-to-business (B2B) collaboration between,compa- nies, security is a complicated and very topical issue. This is especially true with regard to reaching a level of secu- rity beyond the technological layer, that is supported and trusted by all businesses involved. With appreciation of this fact, our research draws from established development methodologies to

Jason R. C. Nurse; Jane E. Sinclair

2009-01-01

379

Towards a Common Metamodel for the Development of Web Applications  

Microsoft Academic Search

Many different methodologies for the development of Web applications were proposed in the last ten years. Although most of\\u000a them define their own notation for building models such as the navigation, the presentation or the personalization model,\\u000a we argue that in many cases it is just another notation for the same concepts, i.e. they should be based on a common

Nora Koch; Andreas Kraus

380

An executable business model for generic web applications  

Microsoft Academic Search

In this paper, a novel platform-specific executable business model called xBM is proposed to sufficiently represent the business logic process. The metamodel of xBM have been analysed, formalised and illustrated. Traditional version control idea based on the copy-modify-merge approach is also applied in xBM. Moreover, our approach for model development approach based on xBM is presented for generic web applications.

Zhenxiang Chen; Kun Ma; A. Abraham; Bo Yang; Runyuan Sun

2010-01-01

381

Social applications: exploring a more secure framework  

Microsoft Academic Search

Online social network sites, such as MySpace, Facebook and others have grown rapidly, with hundreds of millions of active users. A new feature on many sites is social applications - applications and services written by third party developers that provide additional functionality linked to a user's profile. However, current application platforms put users at risk by permitting the disclosure of

Andrew Besmer; Heather Richter Lipford; Mohamed Shehab; Gorrell Cheek

2009-01-01

382

IRS-III: A Broker for Semantic Web Services Based Applications  

Microsoft Academic Search

In this paper we describe IRS-III which takes a semantic broker based approach to creating applications from Semantic Web Services by medi- ating between a service requester and one or more service providers. Business organisations can view Semantic Web Services as the basic mechanism for in- tegrating data and processes across applications on the Web. This paper extends previous publications

Liliana Cabral; John Domingue; Stefania Galizia; Alessio Gugliotta; Vlad Tanasescu; Carlos Pedrinaci; Barry Norton

2006-01-01

383

Leveraging User Interactions for In-Depth Testing of Web Applications  

Microsoft Academic Search

Over the last years, the complexity of web applications has grown significantly, challenging desktop programs in terms of functional- ity and design. Along with the rising popularity of web applications, the number of exploitable bugs has also increased significantly. Web applica- tion flaws, such as cross-site scripting or SQL injection bugs, now account for more than two thirds of the

Sean Mcallister; Engin Kirda; Christopher Kruegel

2008-01-01

384

Expanding Human Interactions for In-Depth Testing of Web Applications  

Microsoft Academic Search

Over the last years, the complexity of web applications has grown significantly, challenging desktop programs in terms of functional- ity and design. Along with the rising popularity of web applications, the number of exploitable bugs has also increased significantly. Web applica- tion flaws, such as cross-site scripting or SQL injection bugs, now account for more than two thirds of the

Sean McAllister; Engin Kirda; Christopher Kruegel

385

DOHA: scalable real-time web applications through adaptive concurrent execution  

Microsoft Academic Search

Browsers have become mature execution platforms enabling web applications to rival their desktop counterparts. An important class of such applications is interactive multimedia: games, animations, and interactive visualizations. Unlike many early web applications, these applications are latency sensitive and processing (CPU and graphics) intensive. When demands exceed available resources, application quality (e.g., frame rate) diminishes because it is hard to

Aiman Erbad; Norman C. Hutchinson; Charles Krasic

2012-01-01

386

A Mashup Tool for Cross-Domain Web Applications Using HTML5 Technologies  

Microsoft Academic Search

\\u000a Many web applications that do not take reusability and interoperability into account are being published today. However, there\\u000a are demands that developers provide the ability to collaborate among different web applications. In e-Science, an application\\u000a uses the results of other application as input data. In this paper, we introduce a mashup tool which can easily create a mashup\\u000a web application

Akiyoshi Matono; Akihito Nakamura; Isao Kojima

2011-01-01

387

Taking Advantage of Google's Web-Based Applications and Services.  

PubMed

Google is a company that is constantly expanding and growing its services and products. While most librarians possess a "love/hate" relationship with Google, there are a number of reasons you should consider exploring some of the tools Google has created and made freely available. Applications and services such as Google Docs, Slides, and Google+ are functional and dynamic without the cost of comparable products. This column will address some of the issues users should be aware of before signing up to use Google's tools, and a description of some of Google's web applications and services, plus how they can be useful to librarians in health care. PMID:24735269

Brigham, Tara J

2014-01-01

388

Using Web Services to Build Grid Applications-The No Risk WSGAF Profile.  

National Technical Information Service (NTIS)

This document presents design pattern recommendations for building Grid applications based on the principles of service orientation and using existing Web Services technologies. The design pattern described in this document is a subset of the Web Services...

S. Parastatidis J. Webber P. Watson

2004-01-01

389

SMART Sensors for Homeland Security Applications  

SciTech Connect

New SMART approaches to fast, high sensitivity, high selectivity, low false indication, self communicating, distributed sensor networks for detection of chemical, biological and radiation threats are being developed at PNNL. These new sensors have their roots in clever combinations of high affinity ligands, self assembled monolayers, shape-specific receptor surfaces, mesoporous superstructures, rapidly fabricated single-chain antibodies, stabilized enzyme reactors and manipulated micro-beads for optical, mass, and direct electronic transduction. Assemblies of these SMART materials and structures are able to efficiently reject the bulk of highly cluttered physical environmental backgrounds, collect the product of interest with extremely high selectivity, concentrate it and present it for efficient and sensitive detection. The general construction methodology for these structures and examples of new sensor systems for detecting chemical, biological and nuclear materials of concern in the Homeland Security context is presented.

Lind, Michael A.; Wright, Bob W.

2004-02-27

390

SMART sensors for homeland security applications  

NASA Astrophysics Data System (ADS)

New SMART approaches to fast, high sensitivity, high selectivity, low false indication, self communicating, distributed sensor networks for detection of chemical, biological and radiation threats are being developed at PNNL. These new sensors have their roots in clever combinations of high affinity ligands, self assembled monolayers, shape-specific receptor surfaces, mesoporous superstructures, rapidly fabricated single-chain antibodies, stabilized enzyme reactors and manipulated micro-beads for optical, mass, and direct electronic transduction. Assemblies of these SMART materials and structures are able to efficiently reject the bulk of highly cluttered physical environmental backgrounds, collect the product of interest with extremely high selectivity, concentrate it and present it for efficient and sensitive detection. The general construction methodology for these structures and examples of new sensor systems for detecting chemical, biological and nuclear materials of concern in the Homeland Security context is presented.

Lind, Michael A.; Wright, Bob W.

2004-07-01

391

Building messaging substrates for Web and Grid applications.  

PubMed

Grid application frameworks have increasingly aligned themselves with the developments in Web services. Web services are currently the most popular infrastructure based on service-oriented architecture (SOA) paradigm. There are three core areas within the SOA framework: (i) a set of capabilities that are remotely accessible, (ii) communications using messages and (iii) metadata pertaining to the aforementioned capabilities. In this paper, we focus on issues related to the messaging substrate hosting these services; we base these discussions on the NARADABROKERING system. We outline strategies to leverage capabilities available within the substrate without the need to make any changes to the service implementations themselves. We also identify the set of services needed to build Grids of Grids. Finally, we discuss another technology, HPSEARCH, which facilitates the administration of the substrate and the deployment of applications via a scripting interface. These issues have direct relevance to scientific Grid applications, which need to go beyond remote procedure calls in client-server interactions to support integrated distributed applications that couple databases, high performance computing codes and visualization codes. PMID:16099746

Fox, Geoffrey; Pallickara, Shrideep; Pierce, Marlon; Gadgil, Harshawardhan

2005-08-15

392

A knowledge-based approach to security requirements for e-health applications  

Microsoft Academic Search

This paper introduces a knowledge-based approach for the security analysis and design of e- health applications. Following this approach, knowledge acquired through the process of developing secure e-health applications is represented in the form of security patterns; thus, it is made available to future developers. In this paper we present a set of security patterns that was developed based on

S. Dritsas; L. Gymnopoulos; M. Karyda; T. Balopoulos; S. Kokolakis; C. Lambrinoudakis; S. Katsikas

393

Secure Mobile Agent System for E-Business Applications  

Microsoft Academic Search

Mobile agent systems provide a great flexibility and customizability to distributed applications like ebusiness and information retrieval in the current scenario. Security is a crucial concern for such systems, especially when they are to be used to deal with money transaction. Mobile agents moving around the network are not safe as the remote hosts that accommodate the agents can initiate

A. Kannammal; V. Ramachandran; N. Ch. S. N. Iyengar

2006-01-01

394

Application of COBIT to Security Management in Information Systems Development  

Microsoft Academic Search

COBIT is a collection of good practices and processes for IT governance. It provides the effective measures, indicators and activities for enterprise. COBIT has also been applied to the other governance, e. g., software process, security governance, IT service management. However, since COBIT is too general-purpose, it requires deep expert knowledge for the implementation of each application. Although the guideline

Shoichi Morimoto

2009-01-01

395

Feature Extraction System for Contextual Classification within Security Imaging Applications  

Microsoft Academic Search

Throughout security imaging applications, there is a persistent need for accurate contextual classification of objects within the scene so proper subsequent decisions can be made. To generate a set of scene attributes necessary for this analysis, this paper presents a novel feature extraction system composed of three divisions: an edge detection system, a segmentation system, and a recognition system. System

E. E. Danahy; K. A. Panetta; S. S. Agaian

2007-01-01

396

Custom electronic nose with potential homeland security applications  

Microsoft Academic Search

Detailed in this work is the design and development of a handheld electronic nose nose with an array of conducting polymer composite film sensors interfaced to a Compaq iPAQ. The device has potential applications in homeland security, such as screening people packages, luggage and vehicles at key locations such as airports or government buildings, for the prevention of terrorist attacks.

K. I. Arshak; C. Cunniffe; E. G. Moore; L. M. Cavanagh

2006-01-01

397

Privacy and security in biomedical applications of wireless sensor networks  

Microsoft Academic Search

Wireless sensor network applications in healthcare and biomedical technology have received increasing attention, while associated security and privacy issues remain open areas of consideration. The relevance of this technology to our growing elderly population, as well as our increasingly over-crowded and attention-drained healthcare systems, is promising. However, prior to the emergence of these systems as a ubiquitous technology, healthcare providers

Ellen Stuart; Melody Moh; Teng-Sheng Moh

2008-01-01

398

Microholographic computer generated holograms for security applications: Microtags.  

National Technical Information Service (NTIS)

We have developed a method for encoding phase and amplitude in microscopic computer-generated holograms (microtags) for security applications. Eight-by-eight-cell and 12 x 12-cell phase-only and phase-and-amplitude microtag designs has been exposed in pho...

W. C. Sweatt M. E. Warren S. H. Kravitz

1998-01-01

399

Desenvolvimento do Modelo WSIVM para Aperfeiçoar a Segurança em SOA e Serviços Web  

Microsoft Academic Search

The SOA architecture primarily based on Web Services is having a steady adoption, despite this growth is lower than expected when it was established, thats mainly because of difficulties defining security related aspects. Web Services inherited a lot of well-known security problems of web applications and brought new ones. The majority of attacks today are consequences of bad input validation

Rafael Bosse Brinhosa; Carla Merkle Westphall; Carlos Becker Westphall

400

Wireless structural monitoring for homeland security applications  

NASA Astrophysics Data System (ADS)

This paper addresses the development of a robust, low-cost, low power, and high performance autonomous wireless monitoring system for civil assets such as large facilities, new construction, bridges, dams, commercial buildings, etc. The role of the system is to identify the onset, development, location and severity of structural vulnerability and damage. The proposed system represents an enabling infrastructure for addressing structural vulnerabilities specifically associated with homeland security. The system concept is based on dense networks of "intelligent" wireless sensing units. The fundamental properties of a wireless sensing unit include: (a) interfaces to multiple sensors for measuring structural and environmental data (such as acceleration, displacements, pressure, strain, material degradation, temperature, gas agents, biological agents, humidity, corrosion, etc.); (b) processing of sensor data with embedded algorithms for assessing damage and environmental conditions; (c) peer-to-peer wireless communications for information exchange among units(thus enabling joint "intelligent" processing coordination) and storage of data and processed information in servers for information fusion; (d) ultra low power operation; (e) cost-effectiveness and compact size through the use of low-cost small-size off-the-shelf components. An integral component of the overall system concept is a decision support environment for interpretation and dissemination of information to various decision makers.

Kiremidjian, Garo K.; Kiremidjian, Anne S.; Lynch, Jerome P.

2004-07-01

401

THE EFFECT OF WEB-BASED PROJECT APPLICATIONS ON STUDENTS' ATTITUDES TOWARDS CHEMISTRY  

Microsoft Academic Search

Students perform intensive web-based applications during their education. One of these is project-based application. In this study, the effect of web based project applications on students' attitudes towards chemistry has been investigated. 42 students attending Hacettepe University, Faculty of Education, and Department of Chemistry Education have been participated in these applications. Attitude Scale towards Chemistry has been administered before and

Inci MORGIL; Hatice GUNGOR SEYHAN; Evrim URAL ALSAN; Senar TEMEL

2008-01-01

402

C3-5: Patient Use of a Secure Web Portal and LDL in Patients with Diabetes  

PubMed Central

Background/Aims Patient use of web portals to interact with their healthcare delivery system and healthcare providers could improve the quality and safety of care. Among patients with diabetes in a large integrated delivery system (IDS), we examined the association between patient use of the web portals and cholesterol test results. Methods The health system implemented a web-based tool for all patients who registered to use the website in November 2005, allowing members to securely access a personal health record, as well as e-mail their physicians, and view their lab results. In this study, we defined patients as web-portal users when patients emailed their physicians or viewed lab results at the first time. We examined the association of patient web-portal use and low-density lipoprotein cholesterol (LDL) level using linear regression with fixed effect at patient level, adjusting for medical center electronic health record (EHR) implementation, quarter for seasonality, and year for temporal trend. Results The 169,711 patients in the IDS diabetes registry at the start of 2004 were followed through 2009. The number of patients who had used patient web-portal increased dramatically from 16% in 2006 to 35% in 2009. During 2004–2009, a total number of 1,070,856 LDL tests were performed among the study subjects and 18% of the tests were done after patients used the web-portal. Overall patient web-portal use was associated with reduction of LDL value by 0.81 mg/dL (95% CI: 0.64–0.97). Further examination among patients stratified by their baseline LDL (last value in 2003) showed that the largest reduction in LDL was found among those with worst control: on average, LDL level dropped by 0.36 mg/dL (95% CI: 0.14–0.57) among those with baseline LDL <100 mg/dL, 0.90mg/dL (95% CI: 0.63–1.18) among those with baseline LDL 100- <130mg/dL, and 2.04 mg/dL (95% CI: 1.59–2.50) among those with baseline LDL >130 mg/dL. Conclusions Patient use of a web-based portal to review laboratory results or email their clinicians increased substantially between 2006 and 2009. Patient use of web portals was associated with improvement of LDL level, with greater improvement among patients in worse control.

Huang, Jie; Graetz, Ilana; Brand, Richard; Hsu, John; Reed, Mary

2013-01-01

403

Using the PL/SQL Cartridge of the Oracle Application Server to Deploy Web Applications  

SciTech Connect

Deploying business applications on the internal Web is a priority at Oak Ridge National Laboratory (Lockheed Martin Energy Research) and Lockheed Martin Energy Systems, Inc. as with most corporations. Three separate applications chose the Oracle Application Server (OAS), using the PL/SQL cartridge as a Web deployment method. This method was chosen primarily because the data was already stored in Oracle tables and developers knew HJSQL or at least SQL. The Database Support group had the responsibility of installing, testing, and determining standard methods for interfacing with the PL/SQL cartridge of the OAS. Note that the term Web Application Server was used for version 3, but in this discussion, OAS will be used for both version 3 and version 4.

Begovich, C.L.

1999-06-14

404

Supporting Case-Based Learning in Information Security with Web-Based Technology  

ERIC Educational Resources Information Center

Case-based learning has been widely used in many disciplines. As an effective pedagogical method, case-based learning is also being used to support teaching and learning in the domain of information security. In this paper, we demonstrate case-based learning in information security by sharing our experiences in using a case study to teach security

He, Wu; Yuan, Xiaohong; Yang, Li

2013-01-01

405

Web Robots and Web Mining  

NSDL National Science Digital Library

Manually indexing the World Wide Web is obviously an impossible task, and it is even a daunting challenge for automated techniques. Web content mining is a general term used to describe these techniques, which are intended for information categorization and filtering. Web robots serve a variety of purposes, including indexing; and they can be useful or, in some cases, harmful. Web usage mining, on the other hand, is used to determine how a Web site's structure and organization effect the way users navigate the site.The Web Robots Pages (1) is an excellent starting place to learn about these automated programs. Several hundred robots are documented in a database, and a selection of papers considers proper ethics and guidelines for using robots, among other things. An article on Web mining and its subclasses is given on DM Review (2). It describes the basics of Web analysis and outlines many benefits Web mining can offer. A course homepage on Web data mining from DePaul University (3) offers a broad selection of reading material on the subject. Mostly consisting of research papers and journal articles, the documents range from general applications to specific theories and case studies. Two computer scientists from Polytechnic University propose a robust, distributed Web crawler (another term for Web robot), intended for large-scale network interaction (4). The twelve page paper begins with the motivation for the project, and continues with a full description of the system architecture and implementation. The November 2002 issue of Computer magazine featured an article on Data Mining for Web Intelligence (5). It points out that today's Internet is lacking in many key aspects, and that Web mining will play an important role in the development of improved search engines and automatic document classification. A short poster presentation from the 2002 International World Wide Web Conference (6) introduces GeniMiner, a Web search strategy based on a genetic algorithm. GeniMiner operates on the premise of finding a nearly optimal solution in order to minimize manual analysis of the search results. KDnuggets (7) is a free, biweekly newsletter on data and Web mining. In recent issues, special attention has been given to the Total Information Awareness project, which is investigating ways of mining the Web and email for possible information about terrorist activity. Web robots are occasionally used for malicious purposes, namely to automatically register for free email or participate in online polls. A technology that was developed to counter these robots involved using a blurred or distorted word to gain access, which could easily be read by a human but would be impossible for a robot to read. In a press release from the University of California at Berkeley (8), researchers have discovered a way to allow Web robots to crack this security system. The article describes how it was accomplished and provides motivation for more advanced security measures.

Leske, Cavin.

2003-01-01

406

Application of web-GIS approach for climate change study  

NASA Astrophysics Data System (ADS)

Georeferenced datasets are currently actively used in numerous applications including modeling, interpretation and forecast of climatic and ecosystem changes for various spatial and temporal scales. Due to inherent heterogeneity of environmental datasets as well as their huge size which might constitute up to tens terabytes for a single dataset at present studies in the area of climate and environmental change require a special software support. A dedicated web-GIS information-computational system for analysis of georeferenced climatological and meteorological data has been created. It is based on OGC standards and involves many modern solutions such as object-oriented programming model, modular composition, and JavaScript libraries based on GeoExt library, ExtJS Framework and OpenLayers software. The main advantage of the system lies in a possibility to perform mathematical and statistical data analysis, graphical visualization of results with GIS-functionality, and to prepare binary output files with just only a modern graphical web-browser installed on a common desktop computer connected to Internet. Several geophysical datasets represented by two editions of NCEP/NCAR Reanalysis, JMA/CRIEPI JRA-25 Reanalysis, ECMWF ERA-40 Reanalysis, ECMWF ERA Interim Reanalysis, MRI/JMA APHRODITE's Water Resources Project Reanalysis, DWD Global Precipitation Climatology Centre's data, GMAO Modern Era-Retrospective analysis for Research and Applications, meteorological observational data for the territory of the former USSR for the 20th century, results of modeling by global and regional climatological models, and others are available for processing by the system. And this list is extending. Also a functionality to run WRF and "Planet simulator" models was implemented in the system. Due to many preset parameters and limited time and spatial ranges set in the system these models have low computational power requirements and could be used in educational workflow for better understanding of basic climatological and meteorological processes. The Web-GIS information-computational system for geophysical data analysis provides specialists involved into multidisciplinary research projects with reliable and practical instruments for complex analysis of climate and ecosystems changes on global and regional scales. Using it even unskilled user without specific knowledge can perform computational processing and visualization of large meteorological, climatological and satellite monitoring datasets through unified web-interface in a common graphical web-browser. This work is partially supported by the Ministry of education and science of the Russian Federation (contract #8345), SB RAS project VIII.80.2.1, RFBR grant #11-05-01190a, and integrated project SB RAS #131.

Okladnikov, Igor; Gordov, Evgeny; Titov, Alexander; Bogomolov, Vasily; Martynova, Yuliya; Shulgina, Tamara

2013-04-01

407

Nanomaterials and their application to defense and homeland security  

NASA Astrophysics Data System (ADS)

A critical issue to homeland security and defense is the development of broad range collectors and detectors of weapons of mass destruction. Nanoscience and nanotechnology are increasingly important in the area of such separation and detection. This article presents an overview of the research at the Forensic Science Center at Lawrence Livermore National Laboratory to develop nanostructured materials for applications to forensics and homeland security. Among the many types of nanomaterials reviewed are silica-based materials, molecular imprinted polymers, and silicon platforms. The main aim of the article is to optimize these new classes of materials for the collection concentration and detection of chemical weapons or other related compounds.

Reynolds, John G.; Hart, Bradley R.

2004-01-01

408

Millimeter-Wave and Terahertz Imaging in Security Applications  

NASA Astrophysics Data System (ADS)

The relatively short wavelength of mm-wave and THz radiation coupled with good transmission through many dielectric materials allows images to be formed of concealed objects. This chapter gives an overview of the detectors, their associated circuitry, and system developments over the past 10 years, focussing on personnel security screening. We will discuss the phenomenology of imaging at these wavelengths, introduce the reader to the basic architectures being used and developed for image forming instruments, show examples of systems, and also discuss the feasibility of spectroscopic THz imaging for security screening applications.

Luukanen, Arttu; Appleby, Roger; Kemp, Mike; Salmon, Neil

409

Telepresence mobile robot for security applications  

Microsoft Academic Search

A mobile telepresence robot is currently being developed for use in surveillance and fire-detection applications that will be integrated into the present intelligent building system. The authors discuss the design, construction, and man-machine interface of the mobile telepresence robot. This system will allow the building operator to patrol remote areas from the safety and comfort of the building's control center.

Robert J. Schultz; Ryoji Nakajima; Junji Nomura

1991-01-01

410

MAGDA and MAGNATE: Secure Web-Based Data Distribution and Visualization for the Cassini Magnetometer  

NASA Astrophysics Data System (ADS)

The measurements of Saturn's magnetic field acquired by the Cassini magnetometer (MAG) to date have provided the basis of numerous pioneering scientific studies of the planet's magnetic and plasma environs. MAG data is essential for, among other applications, understanding the nature of the particle distributions observed by the plasma instruments onboard Cassini. In order to facilitate interaction and collaboration between instrument teams, we have developed a multi-layered suite of software to provide an intuitive interface for accessing, visualizing and analysing MAG data from the Cassini spacecraft. In this presentation, we describe architecture and capabilities of the MAG software systems, and how they promote collaboration between subscribing Cassini scientists and other users. The 'layered' approach of this software model comproses the following components: (i) MAGDA - A web-based system for locating, retrieving and preliminary visualization of magnetometer (MAG) data, which requires no proprietary client software; (ii) MAGNATE - A package of Matlab routines which allows users to perform more detailed analyses and more 'customised' visualization of datasets which they have retrieved using MAGDA. (iii) Data-Handling Libraries - For advanced users who may wish to integrate MAG data-handling with their own applications, we provide a set of Java classes for this purpose (which are platform-independent). The systems described are implemented using industry-standard languages and protocols in order to make them accessible by the widest possible user community.

Seears, T.; Achilleos, N.; Kellock, S.; Slootweg, P.; Dougherty, M.

2006-05-01

411

The research of network database security technology based on web service  

NASA Astrophysics Data System (ADS)

Database technology is one of the most widely applied computer technologies, its security is becoming more and more important. This paper introduced the database security, network database security level, studies the security technology of the network database, analyzes emphatically sub-key encryption algorithm, applies this algorithm into the campus-one-card system successfully. The realization process of the encryption algorithm is discussed, this method is widely used as reference in many fields, particularly in management information system security and e-commerce.

Meng, Fanxing; Wen, Xiumei; Gao, Liting; Pang, Hui; Wang, Qinglin

2013-03-01

412

An Enhanced Secure and Scalable Model for Enterprise Applications using Automated Monitoring  

Microsoft Academic Search

E-Business must be highly secured and scalable to provide efficient services to millions of clients on the web. This paper proposes a new approach based on shared objects to improve security and mobile agents to improve scalability. The e-business uses shared objects and mobile agents to update the clients automatically with new information. The agent that resides in the database

A. Kannammal; V. Ramachandran; N. Ch. S. N. Iyengar

2006-01-01

413

Offline web application and quiz synchronization for e-learning activity for mobile browser  

Microsoft Academic Search

Rapid growing of internet applications and users has led the improvement of mobile web browser technology and standards such as HTML5. Recently, HTML5 is turning to be a de facto standard after some of its features has been implemented in major mobile web browsers. Moodle as a web based Learning Management System (LMS) has been popular in academic environment for

Royyana M. Ijtihadie; Yoshifumi Chisaki; Tsuyoshi Usagawa; H. B. Cahyo; Achmad Affandi

2010-01-01

414

An Evaluation of Web Services in the Design of a B2B Application  

Microsoft Academic Search

This paper describes the architectural considerations in the design of a web services B2B application. A component design is presented which exploits the postulated advantages of object oriented and web services technologies. Our main focus has been to design interim measures to overcome the limitations of current web services architecture and standards. We discuss our interim design with reference to

K. Hogg; P. Chilcott; M. Nolan; B. Srinivasan

2004-01-01

415

Specification and Verification of Multi-user Data-Driven Web Applications  

NASA Astrophysics Data System (ADS)

We propose a model for multi-user data-driven communicating Web applications. An arbitrary number of users may access the application concurrently through Web sites and Web services. A Web service may have an arbitrary number of instances. The interaction between users and Web application is data-driven. Synchronous communication is done by shared access to the database and global application state. Private information may be stored in a local state. Asynchronous communication is done by message passing. A version of first-order linear time temporal logic (LTL-FO) is proposed to express behavioral properties of Web applications. The model is used to formally specify a significant fragment of an e-business application. Some of its desirable properties are expressed as LTL-FO formulas. We study a decision problem, namely whether the model satisfies an LTL-FO formula. We show the undecidability of the unrestricted verification problem and discuss some restrictions that ensure decidability.

Marcus, Monica

416

Haystack: A Platform for Authoring End User Semantic Web Applications  

Microsoft Academic Search

The Semantic Web promises to open innumerable opportunities for automation and information retrieval by standardizing the protocols for meta- data exchange. However, just as the success of the World Wide Web can be at- tributed to the ease of use and ubiquity of Web browsers, we believe that the unfolding of the Semantic Web vision depends on users getting powerful

Dennis Quan; David Huynh; David R. Karger

2003-01-01

417

Efficiency of Stiffened Pannels with Application to Shear Web Design.  

National Technical Information Service (NTIS)

Criteria for the design of stiffened panels, based on the concept of efficiency, are reviewed. The shear web example is chosen, and results for conventional stiffened webs, truss webs, post-buckled designs, and webs of corrugated cross-section are present...

A. Rothwell

1984-01-01

418

Noble Gas Excimer Detectors for Security and Safeguards Applications  

NASA Astrophysics Data System (ADS)

Noble gas excimer detectors are a technology that is common in particle physics research and less common in applications for security and international safeguards. These detectors offer the capability to detect gammas with an energy resolution similar to NaI and to detect neutrons with good energy resolution as well. Depending on the noble gas selected and whether or not it is in a gaseous or liquid state, the sensitivity to gammas and neutrons can be tuned according to the needs of the application. All of this flexibility can be available at a significant cost saving over alternative technologies. This paper will review this detector technology and its applicability to security and safeguards.

Hynes, Michael V.; Chandra, Rico; Davatz, Giovanna; Lanza, Richard

2011-12-01

419

Towards End User Development of Web Applications for SMEs: A Component Based Approach  

Microsoft Academic Search

\\u000a ‘Garbage in Garbage out!’ This is very true when user requirements are not addressed accurately in Web (or any) Application\\u000a development. Adding fuel to this fire is the ever-changing business requirements that force these web (or any) applications\\u000a to change and evolve. In order to deliver web applications that meet user requirements, within budget and time constraints,\\u000a it is important

Jeewani Anupama Ginige; Buddhima De Silva; Athula Ginige

2005-01-01

420

Integrating Sensor Webs with Modeling and Data-assimilation Applications: An SOA Implementation  

Microsoft Academic Search

A sensor web framework is implemented to enable two-way interactions between sensors and traditional modeling\\/data-assimilation applications for the land information sensor web (LISW). A service-oriented architecture (SOA) is adopted and implemented with representational state transfer (REST)-style web services. The web services are built upon a message-oriented middleware with a publish\\/subscribe model. Prototype sensor observation service (SOS) and sensor planning service

Yudong Tian; P. R. Houser; S. V. Kumar

2008-01-01

421

Build great web search applications quickly with Solr and Blacklight  

NASA Astrophysics Data System (ADS)

The NRAO faced performance and usability issues after releasing a single-search-box ("Google-like") web application to query data across all NRAO telescope archives. Running queries with several relations across multiple databases proved to be very expensive in compute resources. An investigation for a better platform led to Solr and Blacklight, a solution stack which allows in-house development to focus on in-house problems. Solr is an Apache project built on Lucene to provide a modern search server with a rich set of features and impressive performance. Blacklight is a web user interface (UI) for Solr primarily developed by libraries at the University of Virginia and Stanford University. Though Blacklight targets libraries, it is highly adaptable for many types of search applications which benefit from the faceted searching and browsing, minimal configuration, and flexible query parsing of Solr and Lucene. The result: one highly reused codebase provides for millisecond response times and a flexible UI. Not just for observational data, NRAO is rolling out Solr and Blacklight across domains of library databases, telescope proposals, and more -- in addition to telescope data products, where integration with the Virtual Observatory is on-going.

Duplain, Ron; Balser, Dana S.; Radziwill, Nicole M.

2010-07-01

422

Hilda: A High-Level Language for Data-DrivenWeb Applications  

Microsoft Academic Search

We propose Hilda, a high-level language for developing data-driven web applications. The primary benefits of Hilda over existing development platforms are: (a) it uses a uni- fied data model for all layers of the application, (b) it is declarative, (c) it models both application queries and up- dates, (d) it supports structured programming for web sites, and (e) it enables

Fan Yang; Jayavel Shanmugasundaram; Mirek Riedewald; Johannes Gehrke

2006-01-01

423

The Effect of Web-Based Project Applications on Students' Attitudes towards Chemistry  

ERIC Educational Resources Information Center

Students perform intensive web-based applications during their education. One of these is project-based application. In this study, the effect of web based project applications on students' attitudes towards chemistry has been investigated. 42 students attending Hacettepe University, Faculty of Education, and Department of Chemistry Education have…

Morgil, Inci; Gungor Seyhan, Hatice; Ural Alsan, Evrim; Temel, Senar

2008-01-01

424

Network-Based Learning and Assessment Applications on the Semantic Web  

ERIC Educational Resources Information Center

Today's Web applications are already "aware" of the network of computers and data on the Internet, in the sense that they perceive, remember, and represent knowledge external to themselves. However, Web applications are generally not able to respond to the meaning and context of the information in their memories. As a result, most applications are…

Gibson, David

2005-01-01

425

Ranking Preferred Web 2.0 Applications of eWOM: An AHP Proposed Research Agenda  

Microsoft Academic Search

With the proliferation of Web 2.0 tools and applications on the internet, there is an exponential increase in the number of online postings submitted by web users on their opinions, experiences, etc. Despite the popularity gained by such applications, it is not easy to conclude one application (e.g. blogs, social networking sites, etc.) to be better than another. Even if

Joshua Ignatius; T. Ramayah

2009-01-01

426

A strategy for the development of secure telemedicine applications.  

PubMed Central

Healthcare applications based on computer-supported collaboration technologies have the potential to improve the quality of care delivered to patients. Such applications can help overcome barriers to quality healthcare in the small, scattered populations of rural areas enabling telemedicine to be a part of the practice of medicine. However the growing concern about the potential for abuse through disclosure of personal health information to unauthorized parties has restricted the deployment and adoption of these potentially valuable tools. The authors, who built ARTEMIS--an Intranet healthcare collaboration facility, now describe their approach to develop secure telemedicine applications for rural healthcare practitioners.

Raman, R. S.; Reddy, R.; Jagannathan, V.; Reddy, S.; Cleetus, K. J.; Srinivas, K.

1997-01-01

427

37 CFR 5.1 - Applications and correspondence involving national security.  

Code of Federal Regulations, 2013 CFR

...AND LICENSES TO EXPORT AND FILE APPLICATIONS IN FOREIGN COUNTRIES...that are national security classified (see § 1.9(i) of this chapter...Office. National security classified documents filed in the Office...applicant in a national security classified patent application must...

2013-07-01

428

Web-Based Recruitment: Effects of Information, Organizational Brand, and Attitudes Toward a Web Site on Applicant Attraction  

Microsoft Academic Search

Recruitment theory and research show that objective characteristics, subjective considerations, and critical contact send signals to prospective applicants about the organization and available opportunities. In the generating applicants phase of recruitment, critical contact may consist largely of interactions with recruitment sources (e.g., newspaper ads, job fairs, organization Web sites); however, research has yet to fully address how all 3 types

David G. Allen; Raj V. Mahto; Robert F. Otondo

2007-01-01

429

Network Security and Safety Precautions  

Microsoft Academic Search

A more and more enterprises using Web services to accelerate its own development. At this point, how to network in an open application environment, guard the confidentiality of their data, resources are more and more concern for people, network security has become the network an integral part of the building. This paper introduces the architecture of network security, and further

Yishan Gong; Guanghong Yue; Quansheng Xu

2010-01-01

430

Security Aspects of Smart Cards vs. Embedded Security in Machine-to-Machine (M2M) Advanced Mobile Network Applications  

NASA Astrophysics Data System (ADS)

The Third Generation Partnership Project (3GPP) standardisation group currently discusses advanced applications of mobile networks such as Machine-to-Machine (M2M) communication. Several security issues arise in these contexts which warrant a fresh look at mobile networks’ security foundations, resting on smart cards. This paper contributes a security/efficiency analysis to this discussion and highlights the role of trusted platform technology to approach these issues.

Meyerstein, Mike; Cha, Inhyok; Shah, Yogendra

431

NEUTRON AND GAMMA RAY DETECTION FOR BORDER SECURITY APPLICATIONS  

SciTech Connect

Countries around the world are deploying radiation detection instrumentation to interdict the illegal shipment of radioactive material crossing international borders. These efforts include deployments in the U.S. and in a number of other countries by governments and international organizations. Most deployed radiation portal monitor systems are based on plastic scintillator for gamma-ray detection and 3He tubes for neutron detection. The approach to this homeland security application, and lessons learned, are discussed.

Kouzes, Richard T.

2010-05-21

432

Nanomaterials and their application to defense and homeland security  

Microsoft Academic Search

A critical issue to homeland security and defense is the development of broad range collectors and detectors of weapons of\\u000a mass destruction. Nanoscience and nanotechnology are increasingly important in the area of such separation and detection.\\u000a This article presents an overview of the research at the Forensic Science Center at Lawrence Livermore National Laboratory\\u000a to develop nanostructured materials for applications

John G. Reynolds; Bradley R. Hart

2004-01-01

433

A Streamflow Statistics (StreamStats) Web Application for Ohio  

USGS Publications Warehouse

A StreamStats Web application was developed for Ohio that implements equations for estimating a variety of streamflow statistics including the 2-, 5-, 10-, 25-, 50-, 100-, and 500-year peak streamflows, mean annual streamflow, mean monthly streamflows, harmonic mean streamflow, and 25th-, 50th-, and 75th-percentile streamflows. StreamStats is a Web-based geographic information system application designed to facilitate the estimation of streamflow statistics at ungaged locations on streams. StreamStats can also serve precomputed streamflow statistics determined from streamflow-gaging station data. The basic structure, use, and limitations of StreamStats are described in this report. To facilitate the level of automation required for Ohio's StreamStats application, the technique used by Koltun (2003)1 for computing main-channel slope was replaced with a new computationally robust technique. The new channel-slope characteristic, referred to as SL10-85, differed from the National Hydrography Data based channel slope values (SL) reported by Koltun (2003)1 by an average of -28.3 percent, with the median change being -13.2 percent. In spite of the differences, the two slope measures are strongly correlated. The change in channel slope values resulting from the change in computational method necessitated revision of the full-model equations for flood-peak discharges originally presented by Koltun (2003)1. Average standard errors of prediction for the revised full-model equations presented in this report increased by a small amount over those reported by Koltun (2003)1, with increases ranging from 0.7 to 0.9 percent. Mean percentage changes in the revised regression and weighted flood-frequency estimates relative to regression and weighted estimates reported by Koltun (2003)1 were small, ranging from -0.72 to -0.25 percent and -0.22 to 0.07 percent, respectively.

Koltun, G. F.; Kula, Stephanie P.; Puskas, Barry M.

2006-01-01

434

Web-based Video Annotation and its Applications  

NASA Astrophysics Data System (ADS)

In this paper, we developed a Web-based video annotation system, named iVAS (intelligent Video Annotation Server). Audiences can associate any video content on the Internet with annotations. The system analyzes video content in order to acquire cut/shot information and color histograms. And it also automatically generates a Web page for editing annotations. Then, audiences can create annotation data by two methods. The first one helps the users to create text data such as person/object names, scene descriptions, and comments interactively. The second method facilitates the users associating any video fragments with their subjective impression by just clicking a mouse button. The generated annotation data are accumulated and managed by an XML database connected with iVAS. We also developed some application systems based on annotations such as video retrieval, video simplification, and video-content-based community support. One of the major advantages of our approach is easy integration of hand-coded and automatically-generated (such as color histograms and cut/shot information) annotations. Additionally, since our annotation system is open for public, we must consider some reliability or correctness of annotation data. We also developed an automatic evaluation method of annotation reliability using the users' feedback. In the future, these fundamental technologies will contribute to the formation of new communities centered around video content.

Yamamoto, Daisuke; Nagao, Katashi

435

The security system analyzer: An application of the Prolog language  

SciTech Connect

The Prolog programming language and entity-relationship modeling techniques were used to demonstrate a methodology for security system applications. A knowledge base was built that consists of statements modeling a generic building and surrounding area, including security fences and intrusion detectors (sensors and TV cameras). Declarative Prolog statements have the capability to use the knowledge base information in a routine manner to provide descriptive information about sensors, to dynamically update the knowledge base to provide on-line recording of changes in detector status or maintenance history, and to analyze the configuration of the building, surrounding area, and intrusion detector layout and current operability status in order to determine all the pathways from one specified point to another specified point which result in the detection probability being less than some specified value (i.e., find the ''weakest paths''). This ''search'' capability, which is the heart of the SECURITY program, allows the program to perform a CAD (computer aided design) function, and to provide a real-time security degradation analysis if intrusion detectors become inoperable. 2 refs., 3 figs.

Zimmerman, B.D.; Seeman, S.E.

1986-02-20

436

Transforming the web into a real application platform: new technologies, emerging trends and missing pieces  

Microsoft Academic Search

The World Wide Web has evolved from a simple document browsing and distribution environment into a rich software platform in which desktop-style applications are increasingly becoming first class citizens. The document-oriented origins of the Web are still evident in many areas, though, and traditionally it has been difficult to compose truly interactive web applications without using plug-in components or browser

Matti Anttonen; Arto Salminen; Tommi Mikkonen; Antero Taivalsaari

2011-01-01

437

Editorial message: special track on web and E-business applications  

Microsoft Academic Search

The World WideWeb has become the standard computing platform for the development of new-generation information systems. A new tide of Web-based e-business applications (such as corporate portals, network-based supply chains and market places, etc.) is driving the need for a more open, flexible and distributed infrastructure, together with appropriate development methodologies and theoretical settings. Today's web applications involve skills from

Sara Comai; Letizia Tanca

2002-01-01

438

Remote Sensing Information Gateway: A free application and web service for fast, convenient, interoperable access to large repositories of atmospheric data  

NASA Astrophysics Data System (ADS)

EPA's Remote Sensing Information Gateway (RSIG) is a widely used free applet and web service for quickly and easily retrieving, visualizing and saving user-specified subsets of atmospheric data - by variable, geographic domain and time range. Petabytes of available data include thousands of variables from a set of NASA and NOAA satellites, aircraft, ground stations and EPA air-quality models. The RSIG applet is used by atmospheric researchers and uses the rsigserver web service to obtain data and images. The rsigserver web service is compliant with the Open Geospatial Consortium Web Coverage Service (OGC-WCS) standard to facilitate data discovery and interoperability. Since rsigserver is publicly accessible, it can be (and is) used by other applications. This presentation describes the architecture and technical implementation details of this successful system with an emphasis on achieving convenience, high-performance, data integrity and security.

Plessel, T.; Szykman, J.; Freeman, M.

2012-12-01

439

Uncertainty: An extra layer of security For Unauthorized traffic based Web Services  

Microsoft Academic Search

Distributed web services are under constant threat of being attacked from nodes, internal or external to the system. Internal attacks may result from hijacking of trusted web servers, resulting in loss\\/corruption of information, and Denial of Service (DoS) to clients. External attacks can occur from hijacking of trusted clients or malicious nodes leading to DoS to clients. The paper focuses

Parag Agarwal; B. Prabhakaran; Bhavani Thuraisingham

440

Security Technologies for Open Networking Environments (STONE)  

SciTech Connect

Under this project SETECS performed research, created the design, and the initial prototype of three groups of security technologies: (a) middleware security platform, (b) Web services security, and (c) group security system. The results of the project indicate that the three types of security technologies can be used either individually or in combination, which enables effective and rapid deployment of a number of secure applications in open networking environments. The middleware security platform represents a set of object-oriented security components providing various functions to handle basic cryptography, X.509 certificates, S/MIME and PKCS No.7 encapsulation formats, secure communication protocols, and smart cards. The platform has been designed in the form of security engines, including a Registration Engine, Certification Engine, an Authorization Engine, and a Secure Group Applications Engine. By creating a middleware security platform consisting of multiple independent components the following advantages have been achieved - Object-oriented, Modularity, Simplified Development, and testing, Portability, and Simplified extensions. The middleware security platform has been fully designed and a preliminary Java-based prototype has been created for the Microsoft Windows operating system. The Web services security system, designed in the project, consists of technologies and applications that provide authentication (i.e., single sign), authorization, and federation of identities in an open networking environment. The system is based on OASIS SAML and XACML standards for secure Web services. Its topology comprises three major components: Domain Security Server (DSS) is the main building block of the system Secure Application Server (SAS) Secure Client In addition to the SAML and XACML engines, the authorization system consists of two sets of components An Authorization Administration System An Authorization Enforcement System Federation of identities in multi-domain scenarios is supported by a set of security engines that represent the core of the Federated Identities Management Server, which is also an extension of the Domain Security Server. The Federated Identity Management server allows users to federate their identities or terminate the federation between the service provider and the identity provider. At the service provider web site, the users are offered a list of identity providers to which they can choose to federate their identities. After users federate their identity, they can perform Single Sign-On protocol in an environment of federated domains. The group security system consists of a number of security technologies under a unified architecture, which supports creation of secure groups and execution of secure group transactions and applications in an open networking environment. The system is based on extensions of the GSAKMP standard for group key distribution and management. The Top layer is the Security Infrastructure with the Security Management and Administration System components and protocols that provide security functions common to all secure network applications The Middle layer is the Secure Group Protocols and Applications layer, consisting of the Policy and Group Key Distribution Server and Web-based (thin) Client. The Bottom layer is the supporting Middleware Security Platform, the cryptographic platform already described above. The group security system is designed to perform the functions necessary to create secure groups and enable secure group applications. Specifically, the system can manage group roles, create and disseminate a group security policy, perform authentication and authorization of users using PKI certificates and Web services security, generate group keys, and recover from compromises. In accordance with the GSAKMP standard, the group security system must perform all the required group life-cycle functions: group definition, group establishment, group maintenance, and group removal. The group security system has been designed to support four roles: The Security Domain Ad

Muftic, Sead

2005-03-31

441

Information Retrieval from the Web and Application of Migrating Crawler  

Microsoft Academic Search

Study reports that about 40% of current internet traffic and bandwidth consumption is due to the web crawlers that retrieve pages for indexing by the different search engines. As the size of the web continues to grow, searching it for useful information has become increasingly difficult. The centralized crawling techniques are unable to cope up with constantly growing web. In

Niraj Singhal; R. P. Agarwal; Ashutosh Dixit; A. K. Sharma

2011-01-01

442

Situating CoWeb: A Scholarship of Application  

ERIC Educational Resources Information Center

Since 1998, we have been developing and researching CoWeb, a version of Wiki designed to support collaborative learning. In this article, we summarize our results of situating CoWeb across the academic landscape of Georgia Tech. In architecture, CoWeb enabled faculty to serve more students in a design-based course. In English composition, a…

Rick, Jochen; Guzdial, Mark

2006-01-01

443

Web and Desktop Applications for ALMA Science Verification Data  

NASA Astrophysics Data System (ADS)

ALMA is the largest radio telescope operating in Chile, and it is expected to produce 200 TB of data every year. Even a data cube obtained for a single source can exceed 1 TB. It is, therefore, crucial to reduce the size of data transmitted through the Internet by doing a cutout of a part of a data cube and/or reducing the spatial/frequency resolution before transferring the data. To specify the cutout region or required resolution, one needs to overview the whole of the data without transferring the large data cube. For this purpose, we developed two applications for quick-looking ALMA data cube, ALMA Web QL and Desktop Viewer (Vissage).

Shirasaki, Y.; Kawasaki, W.; Eguchi, S.; Komiya, Y.; Kosugi, G.; Ohishi, M.; Mizumoto, Y.

2013-10-01

444

Tools and approaches for developing data-intensive Web applications: a survey  

Microsoft Academic Search

The exponential growth and capillar diffusion of the Web are nurturing a novel generation of applications, characterized by a direct business-to-customer relationship. The development of such applications is a hybrid between traditional IS development and Hypermedia authoring, and challenges the existing tools and approaches for software production. This paper investigates the current situation of Web development tools, both in the

Piero Fraternali

1999-01-01

445

Web-Based Intelligent E-Learning Systems: Technologies and Applications  

ERIC Educational Resources Information Center

Collecting and presenting the latest research and development results from the leading researchers in the field of e-learning systems, Web-Based Intelligent E-Learning Systems: Technologies and Applications provides a single record of current research and practical applications in Web-based intelligent e-learning systems. This book includes major…

Ma, Zongmin

2006-01-01

446

Teachers' Characteristics and Information Application Strategies of the World Wide Web.  

ERIC Educational Resources Information Center

This study investigated the use of the World Wide Web for instruction by fourth grade teachers. Identifies teacher characteristics, information-seeking strategies, and instructional application strategies, and reports that Web-knowledgeable teachers utilized reflexive application strategies and higher-level learning activities for teaching.…

Chen, Li-Ling; Huntsberger, John

2001-01-01

447

Object-Oriented Hypermedia Design and J2EE Technology for Web-based Applications  

Microsoft Academic Search

Web-based application development is a difficult ta sk, since these applications include various features, like graphical interfaces, navigational s tructures, business models, and wireless commu- nications, as well as other issues, such as serving a multitude of users, and the need for shorter development time. To overcome these complexities, it is indispensable to use web-based applica- tion designs and software

Habib Karimpour; Ayaz Isazadeh; Mohsen Heydarian

2008-01-01

448

WEB APPLICATION FOR TIMETABLE PLANNING IN THE HIGHER TECHNICAL COLLEGE OF INDUSTRIAL AND TELECOMMUNICATIONS ENGINEERING  

Microsoft Academic Search

The aim of this paper is to show a Web application developed in the University of Cantabria which allows for timetable management in an Engineering school with the peculiarity of having been developed using Informix Web datablade. First, the proposed Informix architecture to manage complex data is described; next, our project as application case is showed and finally, the experience

Marta E. Zorrilla Pantaleón; Eduardo Mora Monte; José Luis Crespo Fidalgo

449

A Java web application for allowing multiuser collaboration and exploration of existing VRML worlds  

Microsoft Academic Search

This work describes a new Java web application that enables users to explore and annotate VRML worlds collaboratively. The web application consists of a Java servlet, Java Server Pages (JSP) and supporting classes. There are two significant features of this work. First, users can explore existing standard VRML worlds collaboratively with automatic multiuser augmentation. Second, the user is free from

Clifton G. M. Presser

2005-01-01

450

Terahertz wave opto-mechanical scanner for security application  

NASA Astrophysics Data System (ADS)

This paper describes a new opto-mechanical scanner that is hopeful for terahertz imaging in security applications. The target of using this scanner is portal screening of personnel for high-resolution imaging of concealed threat objects. It is not only applied to active terahertz imaging but also applied to passive Terahertz imaging. Terahertz wave can penetrate many materials that are opaque to visible and infrared light, such as plastics, cardboard, textiles and so on. So the terahertz imaging technology has a potential to be applicable in security inspection at airports, stations and other public place. Now, the most terahertz imaging system works at point to point mechanical scan pattern. The speed of this raster scan is too slow to apply in practical field. 2-D terahertz array detector can be applied to real time imaging. But at present their cost is prohibitively high. Fortunately low cost, high performance, opto-mechanically scanner is able to meet the current requirements. An opto-mechanical scanner should be able to rapidly scan a 2-D image of the scene. It also should have high optical efficiency so that an image system can achieve the required thermal sensitivity with the minimum number of receivers. These ensure that it can easily operate at any wavelength, and be active or passive. The opto-mechanically scanning can meets these requirements and is being developed into a high performance, low-cost prototype system that will meet the future needs for terahertz security.

Deng, Chao; Zheng, Yongju; Zhang, Cunlin

2010-11-01

451

Use of a Web-based process model to implement security and data protection as an integral component of clinical information management.  

PubMed Central

Delivery of health care at Scott and White, a large integrated health care delivery system, is supported by an Electronic Medical Record (EMR) system repository of six million SGML-based documents. Control of document access is currently based on standard commercial security and confidentiality methodologies. Given the planned release in Fall 1999 of new federal security and confidentiality requirements, we have developed a web-based security process model that "wraps" existing EMR documents with HTML-compliant security attributes. Resulting logical documents are filtered regarding user queries by mapping the security attributes of the data to specific user role characteristics. A key virtue of our approach is that source EMR data do not undergo alteration by the imposition of the security process. It also places no additional work load or query pressure on the existing EMR system.

Myers, D. L.; Culp, K. S.; Miller, R. S.

1999-01-01

452

Initial Empirical Research With an Experimental Secure Web Portal of Electronics Records Archives.  

National Technical Information Service (NTIS)

This document reports the results of an initial empirical research with an experimental secured portal of sensitive electronic records archives. The experimentation focused on measuring the effective data-transfer rates (throughputs) of the portal under v...

B. Nguyen G. Racine

2005-01-01

453

Security Applications of Diodes with Unique Current-Voltage Characteristics  

NASA Astrophysics Data System (ADS)

Diodes are among the most simple and inexpensive electric components. In this paper, we investigate how random diodes with irregular I(U) curves can be employed for crypto and security purposes. We show that such diodes can be used to build Strong Physical Unclonable Functions (PUFs), Certificates of Authenticity (COAs), and Physically Obfuscated Keys (POKs), making them a broadly usable security tool. We detail how such diodes can be produced by an efficient and inexpensive method known as ALILE process. Furthermore, we present measurement data from real systems and discuss prototypical implementations. This includes the generation of helper data as well as efficient signature generation by elliptic curves and 2D barcode generation for the application of the diodes as COAs.

Rührmair, Ulrich; Jaeger, Christian; Hilgers, Christian; Algasinger, Michael; Csaba, György; Stutzmann, Martin

454

Securing electronic commerce: reducing the SSL overhead  

Microsoft Academic Search

The last couple of years have seen a growing momentum toward using the Internet for conducting business. Web-based electronic commerce applications are one of the fastest growing segments of the Internet today. A key enabler for e-commerce applications is the ability to setup secure private channels over a public network. The Secure Sockets Layer protocol provides this capability and is

George Apostolopoulos; V. Peris; Prashant Pradhan; Debanjan Saha

2000-01-01

455

Secure Semantic Service Oriented Information Grid for Cyber Physical System and Applications  

Microsoft Academic Search

This paper describes our approach to designing a secure information grid for cyber physical systems and applications. We discuss access control and accountability for such semantic grid as well as secure infrastructure and storage issues.

Bhavani Thuraisingham; Sajal Das; Yonghe Liu; Elisa Bertino; Lorenzo Martino

456

Efficient Integration of Web Services in Ambient-aware Sensor Network Applications  

Microsoft Academic Search

Sensor webs are heterogeneous collections of sensor devices that collect information and interact with the environ- ment. They consist of wireless sensor networks that are ensembles of small, smart, and cheap sensing and computing devices that permeate the environment as well as high-bandwidth rich sensors such as satellite imaging systems, meteorological stations, air quality stations, and security cameras. Emergency response,

Isaac Amundson; Manish Kushwaha; Xenofon D. Koutsoukos; Sandeep Neema; Janos Sztipanovits

2006-01-01

457

Computer-aided diagnosis workstation and teleradiology network system for chest diagnosis using the web medical image conference system with a new information security solution  

NASA Astrophysics Data System (ADS)

Diagnostic MDCT imaging requires a considerable number of images to be read. Moreover, the doctor who diagnoses a medical image is insufficient in Japan. Because of such a background, we have provided diagnostic assistance methods to medical screening specialists by developing a lung cancer screening algorithm that automatically detects suspected lung cancers in helical CT images, a coronary artery calcification screening algorithm that automatically detects suspected coronary artery calcification and a vertebra body analysis algorithm for quantitative evaluation of osteoporosis. We also have developed the teleradiology network system by using web medical image conference system. In the teleradiology network system, the security of information network is very important subjects. Our teleradiology network system can perform Web medical image conference in the medical institutions of a remote place using the web medical image conference system. We completed the basic proof experiment of the web medical image conference system with information security solution. We can share the screen of web medical image conference system from two or more web conference terminals at the same time. An opinion can be exchanged mutually by using a camera and a microphone that are connected with the workstation that builds in some diagnostic assistance methods. Biometric face authentication used on site of teleradiology makes "Encryption of file" and "Success in login" effective. Our Privacy and information security technology of information security solution ensures compliance with Japanese regulations. As a result, patients' private information is protected. Based on these diagnostic assistance methods, we have developed a new computer-aided workstation and a new teleradiology network that can display suspected lesions three-dimensionally in a short time. The results of this study indicate that our radiological information system without film by using computer-aided diagnosis workstation and our teleradiology network system can increase diagnostic speed, diagnostic accuracy and security improvement of medical information.

Satoh, Hitoshi; Niki, Noboru; Eguchi, Kenji; Ohmatsu, Hironobu; Kaneko, Masahiro; Kakinuma, Ryutaro; Moriyama, Noriyuki

2010-03-01

458

The application of image processing techniques and technology for security and surveillance applications  

NASA Astrophysics Data System (ADS)

The range and scope of EO/IR sensor systems within security and surveillance applications is growing, and this places a corresponding demand on the image processing functionality required to meet the end-users' needs and requirements. Within this paper, the application of different image processing architectures and techniques is reviewed in terms of situational awareness criteria and is illustrated through specific system applications. The concepts and benefits of multimodal and distributed sensor systems are also considered together with the attendant data registration and fusion techniques. Finally, the exploitation of a priori information within the integrated security and surveillance picture is considered from both a processing technology and image display perspective.

Smith, Moira I.; Hickman, Duncan

2007-05-01

459

Network and data security design for telemedicine applications.  

PubMed

The maturing of telecommunication technologies has ushered in a whole new era of applications and services in the health care environment. Teleworking, teleconsultation, mutlimedia conferencing and medical data distribution are rapidly becoming commonplace in clinical practice. As a result, a set of problems arises, concerning data confidentiality and integrity. Public computer networks, such as the emerging ISDN technology, are vulnerable to eavesdropping. Therefore it is important for telemedicine applications to employ end-to-end encryption mechanisms securing the data channel from unauthorized access of modification. We propose a network access and encryption system that is both economical and easily implemented for integration in developing or existing applications, using well-known and thoroughly tested encryption algorithms. Public-key cryptography is used for session-key exchange, while symmetric algorithms are used for bulk encryption. Mechanisms for session-key generation and exchange are also provided. PMID:9304559

Makris, L; Argiriou, N; Strintzis, M G

1997-01-01

460

Evaluation of a metal shear web selectively reinforced with filamentary composites for space shuttle application  

NASA Technical Reports Server (NTRS)

A final program summary is reported for test and evaluation activities that were conducted for space shuttle web selection. Large scale advanced composite shear web components were tested and analyzed to evaluate application of advanced composite shear web construction to a space shuttle orbiter thrust structure. The shear web design concept consisted of a titanium-clad + or - 45 deg boron/epoxy web laminate stiffened with vertical boron-epoxy reinforced aluminum stiffeners and logitudinal aluminum stiffening. The design concept was evaluated to be efficient and practical for the application that was studied. Because of the effects of buckling deflections, a requirement is identified for shear buckling resistant design to maximize the efficiency of highly-loaded advanced composite shear webs.

Laakso, J. H.; Straayer, J. W.

1974-01-01

461

Using Science Driven Technologies for the Defense and Security Applications  

NASA Technical Reports Server (NTRS)

For the past three decades, Earth science remote sensing technologies have been providing enormous amounts of useful data and information in broadening our understanding of our home planet as a system. This research, as it has expanded our learning process, has also generated additional questions. This has further resulted in establishing new science requirements, which have culminated in defining and pushing the state-of-the-art technology needs. NASA s Earth science program has deployed 18 highly complex satellites, with a total of 80 sensors, so far and is in a process of defining and launching multiple observing systems in the next decade. Due to the heightened security alert of the nation, researchers and technologists are paying serious attention to the use of these science driven technologies for dual use. In other words, how such sophisticated observing and measuring systems can be used in detecting multiple types of security concerns with a substantial lead time so that the appropriate law enforcement agencies can take adequate steps to defuse any potential risky scenarios. This paper examines numerous NASA technologies such as laser/lidar systems, microwave and millimeter wave technologies, optical observing systems, high performance computational techniques for rapid analyses, and imaging products that can have a tremendous pay off for security applications.

Habib, Shahid; Zukor, Dorthy; Ambrose, Stephen D.

2004-01-01

462

A lightweight and secure protocol to access Web Services in 6LoWPAN  

Microsoft Academic Search

Sensor Networks have become an integral part of ubiquitous computing. However, their full integration with the ubiquitous computing paradigm is still an open problem due to the lack of integration with Internet protocols such as HTTP and SOAP, which enable the use of Web Services from remote clients. Additionally, these protocols do not address the requirements for wireless sensor networks,

Patricia E. Figueroa; Jesus A. Perez; Ismael Amezcua; Victor H. Hernandez

2012-01-01

463

FAFSA on the Web Toolkit.  

ERIC Educational Resources Information Center

The online version of the Free Application for Federal Student Aid (FAFSA) allows students to apply for federal financial aid using the Internet. In many cases, FAFSA on the Web may be used to apply for financial aid from other sources, such as states or schools. Data are secured, so sending an application through the Internet is as safe as…

Office of Student Financial Assistance (ED), Washington, DC.

464

Secure Communication Application of Josephson Tetrode in THz Region  

NASA Astrophysics Data System (ADS)

We numerically demonstrate the generation of chaos in a four-terminal superconductive device made of five Jospehson weak-link junctions, Josephson Tetrode. We calculate the dynamics of electrical voltages across the junctions when one of the normal resistances in varied. We confirm the generation of chaos by using temporal waveforms, three-dimensional attractors and Lyapunov exponent of chaotic attractor. We numerically investigated the threshold voltage dependence and sampling time dependence of random bits. Jospehson Tetrode is a promising superconductive device applicable to secure communication in THz region.

Sahri, Nurliyana Bte Mohd; Yoshimori, Shigeru

465

Image fusion technology for security and surveillance applications  

NASA Astrophysics Data System (ADS)

Image fusion technology offers a range of potential benefits to the security and surveillance community, including increased situational awareness and enhanced detection capabilities. This paper reports on how image fusion technology is being adapted from the military arena (in which it is generally found today) to provide a new and powerful asset in the fight against crime and terrorism. The combination of detection and tracking processing with image fusion is discussed and assessed. Finally, a number of specific examples are presented which include land, air, and sea applications.

Riley, Tom; Smith, Moira

2006-10-01

466

Semantic web services: from OWL-S via UML to MVC applications  

Microsoft Academic Search

OWL-S is used to describe the semantics of Web Services so that the discovery, selection, invocation and composition of these services can be automated. Prior research has shown that UML diagrams can be used to automatically generate Semantic Web Service descriptions in OWL-S. If complete Web applications could be generated from OWL-S descriptions, then a higher level of automation would

Cássio V. S. Prazeres; César A. C. Teixeira; Ethan V. Munson; Maria Da Graça Campos Pimentel

2009-01-01

467

76 FR 22625 - Reporting of Security Issues  

Federal Register 2010, 2011, 2012, 2013

...html; or (3) Visiting TSA's Security Regulations Web page at http://www.tsa.gov...their report to anyone who uses the ``Security Issues'' Web form on the TSA Web site to submit security concerns (people who contact TSA...

2011-04-22

468

A social approach to security: Using social networks to help detect malicious web content  

Microsoft Academic Search

In the midst of a social networking revolution, social media has become the new vehicle for effective business marketing and transactions. As social aspects to the Internet continue to expand in both quantity and scope, so has the security threat towards enterprise networks and systems. Many social networking users also become main targets of spams, phishing, stalking, and other malware

Michael Robertson; Yin Pan; Bo Yuan

2010-01-01

469

M-Commerce Secured Using Web-Enabled Mobile Biometric Agents  

Microsoft Academic Search

M-commerce brings challenges for both individuals and society. The creation and maintenance of secure identities for online payment has emerged as an important priority of businesses and consumers. In order to address some of these challenges we implement an efficient biometric mobile payment authorization system combined with an embedded commercial barcode reader to provide a worldwide platform-independent mobile payment authentication

Huiqi Lu; Frederic Claret-Tournier; Chris Chatwin; Rupert C. D. Young

2007-01-01

470

Application of infrared imaging systems to maritime security  

NASA Astrophysics Data System (ADS)

Enhancing maritime security through video based systems is a very challenging task, not only due to the different scales of vessels to be monitored, but also due to the constantly changing background and environmental conditions. Yet video systems operating in the visible part of the electromagnetic spectrum have established themselves as one of the most crucial tools in maritime security. However, certain inherent limitations such as requirements of proper scene illumination and failure under low visibility weather conditions like fog could be overcome utilizing different spectral regions. Thermal imaging systems present themselves as a good alternative in maritime security. They could overcome these problems and allow for additional detection of local variation of water temperature, yet have been rarely used efficiently in maritime environment evaluated. Here we present a first order study of the advantage of using long-wavelength infrared (LWIR) imaging for diver detection. Within these tasks we study the reasons and effects of bubbles on water surface in laboratory IR imaging study and have determined the changes in infrared emissivity and reflectivity due to the corresponding surface manifestation. This was compared and used to analyze experiments in the Hudson Estuary to the real-world applicability of infrared technology in maritime security application. Utilizing a LWIR camera, we limit ourselves on the detection of the scuba diver as well as the determination of its depth---information normally not obtainable in very low visibility water like the Hudson River. For this purpose we observed the thermal surface signature of the diver and obtained and analyzed its temporal behavior with respect to area, perimeter and infrared brightness. Additional qualitative and quantitative analyses of the area and perimeter growth show different behaviors with more or less pronounced correlation to the diver's depth---yet clearly showing a trend allowing for estimation of the diver's depth based on the IR surface manifestation. To reduce the impact of measurement and data processing errors in this natural very noisy environment, a computer based analysis process was developed and optimized for this very specific application. Based on its assessment previous contradictions in the bubble growth could be resolved.

Zeng, Debing

471

DoDOM: Leveraging DOM Invariants for Web 2.0 Application Robustness Testing  

Microsoft Academic Search

Web 2.0 applications are increasing in popularity. However, they are also prone to errors because of their dynamic nature. This paper presents DoDOM, an automated system for testing the robustness of Web 2.0 applications based on their Document Object Models (DOMs). DoDOM repeatedly executes the application under a trace of recorded user actions and observes the client-side behavior of the

Karthik Pattabiraman; Benjamin G. Zorn

2010-01-01

472

An end-to-end Web services-based infrastructure for biomedical applications  

Microsoft Academic Search

Services-oriented architectures hold a lot of promise for grid-enabling scientific applications. In recent times, Web ser- vices have gained wide-spread acceptance in the Grid community as the standard way of exposing application functionality to end- users. Web services-based architectures provide accessibility via a multitude of clients, and the ability to enable composition of data and applications in novel ways for

Sriram Krishnan; Kim K. Baldridge; Jerry P. Greenberg; Brent Stearn; Karan Bhatia

2005-01-01

473

Introduction to the Application of Web-Based Surveys.  

ERIC Educational Resources Information Center

This paper discusses some basic assumptions and issues concerning web-based surveys. Discussion includes: assumptions regarding cost and ease of use; disadvantages of web-based surveys, concerning the inability to compensate for four common errors of survey research: coverage error, sampling error, measurement error and nonresponse error; and…

Timmerman, Annemarie

474

Pragmatic applications of the Semantic Web using SemTalk  

Microsoft Academic Search

The Semantic Web is a new layer of the Internet that enables semantic representation of the contents of existing Web pages. Using common ontologies, human users sketch out the most important facts in models that act as intelligent whiteboards. Once models are broadcasted to the Internet, new and intelligent search engines, “ambient” intelligent devices and agents will be able to

Christian Fillies; Gay Wood-albrecht; Frauke Weichhardt

2003-01-01

475

Security applications of a remote electric-field sensor technology  

NASA Astrophysics Data System (ADS)

A new generation of electric field sensors developed at the University of Sussex is enabling an alternative to contact voltage and non-contact magnetic field measurements. We have demonstrated the capability of this technology in a number of areas including ECG through clothing, remote off-body ECG, through wall movement sensing and electric field imaging. Clearly, there are many applications for a generic sensor technology with this capability, including long term vital sign monitoring. The non-invasive nature of the measurement also makes these sensors ideal for man/machine and human/robot interfacing. In addition, there are obvious security and biometric possibilities since we can obtain physiological data remotely, without the knowledge of the subject. This is a clear advantage if such systems are to be used for evaluating the psychological state of a subject. In this paper we report the results obtained with a new version of the sensor which is capable of acquiring electrophysiological signals remotely in an open unshielded laboratory. We believe that this technology opens up a new area of remote biometrics which could have considerable implications for security applications. We have also demonstrated the ability of EPS to function in closely-packed one and two dimensional arrays for real-time imaging.

Prance, Robert J.; Harland, Christopher J.; Prance, Helen

2008-10-01

476

Gender Divide and Acceptance of Collaborative Web 2.0 Applications for Learning in Higher Education  

ERIC Educational Resources Information Center

Situated in the gender digital divide framework, this survey study investigated the role of computer anxiety in influencing female college students' perceptions toward Web 2.0 applications for learning. Based on 432 college students' "Web 2.0 for learning" perception ratings collected by relevant categories of "Unified Theory of Acceptance and Use…

Huang, Wen-Hao David; Hood, Denice Ward; Yoo, Sun Joo

2013-01-01

477

Design and Implementation of User-Managed Access Framework Web 2.0 Applications.  

National Technical Information Service (NTIS)

Web 2.0 applications allow individuals to manage their content online and to share it with other users and services on the Web. Such sharing requires access control to be put in place. Existing access control solutions, however, are unsatisfactory as they...

A. van Moorsel L. Moren M. P. Machulak

2010-01-01

478

Architecture and Protocol for User-Controlled Access Management in Web 2.0 Applications.  

National Technical Information Service (NTIS)

The rapidly developing Web environment provides users with a wide set of rich services as varied and complex as desktop applications. Those services are collectively referred to as 'Web 2.0,' with examples such as Google Docs, Flickr, or Wordpress, that a...

A. van Moorsel M. Machulak

2010-01-01

479

Exploiting an evolutionary accident in web3D communications to integrate application components  

Microsoft Academic Search

The Virtual Reality Modeling Language (VRML) ushered in a new era in computer graphics by providing the first international standard 3D format for the Web (web3D). Unfortunately, some who tried VRML applications found they did not work and naturally blamed the language. However, the problem often lay in the sensitivity to different client software environments of the programming interfaces used

Chris Thorne

2005-01-01

480

Photonics applications and web engineering: WILGA May 2013  

NASA Astrophysics Data System (ADS)

Traditional WILGA Symposia are held two times a year since 1998. Each year the WILGA May edition gathers around 300 young researchers active in advanced photonics and electronics systems. The paper, as each year, presents a digest of chosen technical work results shown by young researchers from different technical universities from this country during the SPIE-IEEE Wilga 2013 Symposium on Photonics and Web Engineering. Topical tracks of the symposium embraced, among others, nanomaterials and nanotechnologies for photonics, sensory and nonlinear optical fibers, object oriented design of hardware, photonic metrology, optoelectronics and photonics applications, photonics-electronics codesign, optoelectronic and electronic systems for astronomy and high energy physics experiments, CMS, ITER, JET - Joint European Torus, BRITE nanosatellite, and pi-of-the sky experiments development. The symposium is an annual summary in the development of numerable Ph.D. theses carried out in this and neighboring countries in the area of advanced electronic and photonic systems. It is also a great occasion for SPIE, IEEE, OSA and PSP students and young researchers to meet together in a large group spanning the whole country with guests from this part of Europe. A digest of Wilga references is presented [1-225].

Romaniuk, Ryszard S.

2013-10-01

481

Creating variable data UV signals for security applications  

NASA Astrophysics Data System (ADS)

Substrates found in standard digital color printing applications frequently contain optical brightening agents (OBAs). These agents fluoresce under near UV light and are predominantly intended to increase the perceived paper white and thus create a paper look and feel which is preferred by customers. The fluorescence phenomenon poses a considerable challenge in standard color management applications, however, the problem description can be inverted and information can be embedded in a printed color image that is perceptually invisible under normal illumination, but revealed via substrate fluorescence under UV illumination. From a practical standpoint, the approach works with standard high brightness office-type papers and does not require any special materials or media, or any modifications to the imaging path inside the machine. This means that certain security aspects can now produced in an essentially cost-neutral way[1].

Eschbach, Reiner; Bala, Raja; Wang, Shen

2008-01-01

482

Scheme and applications of mobile payment based on 3-D security protocol  

Microsoft Academic Search

Considering the requirement of the development of mobile business, it improves the system structure, predigests the transaction flow, promotes the security, introduces the applications in mobile business, compares with 3-D security protocol and discusses some problems when carried out, based on 3-D security protocol in this article.

Chaobo Yang; Ming Qi

2006-01-01

483

Application of telecom planar lightwave circuits for homeland security sensing  

NASA Astrophysics Data System (ADS)

Over the past decade, a massive effort has been made in the development of planar lightwave circuits (PLCs) for application in optical telecommunications. Major advances have been made, on both the technological and functional performance front. Highly sophisticated software tools that are used to tailor designs to required functional performance support these developments. In addition extensive know-how in the field of packaging, testing, and failure mode and effects analysis (FMEA) has been built up in the struggle for meeting the stringent Telcordia requirements that apply to telecom products. As an example, silica-on-silicon is now a mature technology available at several industrial foundries around the world, where, on the performance front, the arrayed-waveguide grating (AWG) has evolved into an off-the-shelf product. The field of optical chemical-biological (CB) sensors for homeland security application can greatly benefit from the advances as described above. In this paper we discuss the currently available technologies, device concepts, and modeling tools that have emerged from the telecommunications arena and that can effectively be applied to the field of homeland security. Using this profound telecom knowledge base, standard telecom components can readily be tailored for detecting CB agents. Designs for telecom components aim at complete isolation from the environment to exclude impact of environmental parameters on optical performance. For sensing applications, the optical path must be exposed to the measurand, in this area additional development is required beyond what has already been achieved in telecom development. We have tackled this problem, and are now in a position to apply standard telecom components for CB sensing. As an example, the application of an AWG as a refractometer is demonstrated, and its performance evaluated.

Veldhuis, Gert J.; Elders, Job; van Weerden, Harm; Amersfoort, Martin

2004-03-01

484

Security Aspects of an Enterprise-Wide Network Architecture.  

ERIC Educational Resources Information Center

Presents an overview of two projects that concern local area networks and the common point between networks as they relate to network security. Discusses security architectures based on firewall components, packet filters, application gateways, security-management components, an intranet solution, user registration by Web form, and requests for…

Loew, Robert; Stengel, Ingo; Bleimann, Udo; McDonald, Aidan

1999-01-01

485

Displaying R spatial statistics on Google dynamic maps with web applications created by Rwui  

PubMed Central

Background The R project includes a large variety of packages designed for spatial statistics. Google dynamic maps provide web based access to global maps and satellite imagery. We describe a method for displaying directly the spatial output from an R script on to a Google dynamic map. Methods This is achieved by creating a Java based web application which runs the R script and then displays the results on the dynamic map. In order to make this method easy to implement by those unfamiliar with programming Java based web applications, we have added the method to the options available in the R Web User Interface (Rwui) application. Rwui is an established web application for creating web applications for running R scripts. A feature of Rwui is that all the code for the web application being created is generated automatically so that someone with no knowledge of web programming can make a fully functional web application for running an R script in a matter of minutes. Results Rwui can now be used to create web applications that will display the results from an R script on a Google dynamic map. Results may be displayed as discrete markers and/or as continuous overlays. In addition, users of the web application may select regions of interest on the dynamic map with mouse clicks and the coordinates of the region of interest will automatically be made available for use by the R script. Conclusions This method of displaying R output on dynamic maps is designed to be of use in a number of areas. Firstly it allows statisticians, working in R and developing methods in spatial statistics, to easily visualise the results of applying their methods to real world data. Secondly, it allows researchers who are using R to study health geographics data, to display their results directly onto dynamic maps. Thirdly, by creating a web application for running an R script, a statistician can enable users entirely unfamiliar with R to run R coded statistical analyses of health geographics data. Fourthly, we envisage an educational role for such applications.

2012-01-01

486

Utility-based placement of dynamic Web applications with fairness goals  

Microsoft Academic Search

We study the problem of dynamic resource allo- cation to clustered Web applications. We extend application server middleware with the ability to automatically decide the size of application clusters and their placement on physical machines. Unlike existing solutions, which focus on maximizing resource utilization and may unfairly treat some applications, the approach introduced in this paper considers the satisfaction of

David Carrera; Malgorzata Steinder; Ian Whalley; Jordi Torres; Eduard Ayguadé

2008-01-01

487

Development of a Secure Mobile GPS Tracking and Management System  

ERIC Educational Resources Information Center

With increasing demand of mobile devices and cloud computing, it becomes increasingly important to develop efficient mobile application and its secured backend, such as web applications and virtualization environment. This dissertation reports a systematic study of mobile application development and the security issues of its related backend. …

Liu, Anyi

2012-01-01

488

How to write application code even a security auditor could love  

SciTech Connect

In the past the application programmer was frequently isolated from the computer security professional. The target machine might have various access controls and security plans, but when the programmer delivered a new application, it was rarely scrutinized from a security standpoint. Security reviews of application code are now being used to overcome this apparent oversight, but these reviews are often hampered by a lack of knowledge among programmers of techniques that make code secure and facilitate security analysis of the code. This paper informally describes fifteen general principles for producing good code that is easily reviewed. This paper is not a formal guideline, but is intended as an inside view of how one reviewer looks at code from a security standpoint.

Barlich, G.L.

1989-01-01

489

Web Engineering.  

National Technical Information Service (NTIS)

Web Engineering is the application of systematic, disciplined and quantifiable approaches to development, operation, and maintenance of Web-based applications. It is both a pro-active approach and a growing collection of theoretical and empirical research...

Y. Deshpande S. Murugeesan A. Ginige S. Hansen D. Schwabe M. M. Gaedke B. White

2003-01-01

490

Practical Experience Gained from Passive Testing of Web Based Systems  

Microsoft Academic Search

In recent years Web-based systems have become extremely popular and, nowadays, they are used in critical environments such as financial, medical, and military systems. As the use of Web applications for security-critical services has increased, the number and sophistication of attacks against these applications have grown as well. For this reason it is essential to be able to prove that

Alessandra Bagnato; Fabio Raiteri; Wissam Mallouli; Bachar Wehbi

2010-01-01

491

AMP: a science-driven web-based application for the TeraGrid  

NASA Astrophysics Data System (ADS)

The Asteroseismic Modeling Portal (AMP) provides a web-based interface for astronomers to run and view simulations that derive the properties of Sun-like stars from observations of their pulsation frequencies. In this paper, we describe the architecture and implementation of AMP, highlighting the lightweight design principles and tools used to produce a functional fully-custom web-based science application in less than a year. Targeted as a TeraGrid science gateway, AMP's architecture and implementation are intended to simplify its orchestration of TeraGrid computational resources. AMP's web-based interface was developed as a traditional standalone database-backed web application using the Python-based Django web development framework, allowing us to leverage the Django framework's capabilities while cleanly separating the user interface development from the grid interface development. We have found this combination of tools flexible and effective for rapid gateway development and deployment.

Woitaszek, M.; Metcalfe, T.; Shorrock, I.

492

Predicting web spam with HTTP session information  

Microsoft Academic Search

Web spam is a widely-recognized threat to the quality and security of the Web. Web spam pages pollute search en- gine indexes, burden Web crawlers and Web mining ser- vices, and expose users to dangerous Web-borne malware. To defend against Web spam, most previous research ana- lyzes the contents of Web pages and the link structure of the Web graph.

Steve Webb; James Caverlee; Calton Pu

2008-01-01

493

Open-Source and Java-Technologies Approach to Web Applications.  

National Technical Information Service (NTIS)

Web applications have become a critical component of the global information infrastructure. In government organizations, proprietary software is currently being replaced by open-source. This thesis explores using open-source and Java technologies to imple...

S. Siripala

2003-01-01

494

OSP with Jython Web Start application - step-by-step guide  

NSDL National Science Digital Library

A description of how to build Java Web Start applications using the OSP library. Integrates the OpenSourcePhysics .jar library files and the Python classes generated by Jython during compiling time with jythonc.

2008-11-13

495

Introduction to the Web-method and its applications  

Microsoft Academic Search

The Web-method is a meshless finite element technique which uses weighted extended B-splines (Web-splines) on a tensor product grid as basis functions. It combines the compu- tational advantages of B-splines and standard mesh-based elements. In particular, degree and smoothness can be chosen arbitrarily without substantially increasing the dimension. Hence, accurate approximations are obtained with relatively few parameters. Moreover, the regular

Klaus Höllig; Christian Apprich; Anja Streit

2005-01-01

496

Visualizing Energy Data Using Web-Based Applications  

Microsoft Academic Search

I will demonstrate a series of web-based visualizations of domestic state-level and international country-level energy statistics. The time-series energy consumption and production data sets are from the International Energy Agency (IEA) and the United States Department of Energy's Energy Information Administration (EIA). I will demonstrate the capabilities of existing web-based community data analysis sites, such as Swivel.com and IBM's Many-Eyes.com,

J. P. Vermylen

2008-01-01

497

Test of radiation detectors used in homeland security applications.  

PubMed

This work was performed as part of the National Institute of Standards and Technology (NIST) program to support the development of the new American National Standards Institute (ANSI) standards N42.32-2003 and N42.33-2003 for hand-held detectors, and personal electronic dosimeters, as well as to support the Office of Law Enforcement Standards (OLES) and the Department of Homeland Security (DHS) in testing these types of detectors for their use by first responders. These instruments are required to operate over a photon energy range of 60 keV to 1.33 MeV and over a wide range of air-kerma rates. The performance and response of various radiation detectors, purchased by the NIST, was recorded when placed in 60Co, 137Cs, and x-ray beams at different air-kerma rates. The measurements described in this report were performed at the NIST x-ray and gamma-ray radiation calibration facilities. The instruments' response (exposure or dose rate readings) shows strong energy dependence but almost no dependence to different air-kerma rates. The data here reported provide a benchmark in support of current protocols that are being developed for radiation detection instrumentation used in homeland security applications. A future plan is to test these devices, plus other commercially available detectors, against ANSI standards N42.32-2003 and N42.33-2003. PMID:15824588

Pibida, L; Minniti, R; O'Brien, M; Unterweger, M

2005-05-01

498

Wireless sensors and sensor networks for homeland security applications.  

PubMed

New sensor technologies for homeland security applications must meet the key requirements of sensitivity to detect agents below risk levels, selectivity to provide minimal false-alarm rates, and response speed to operate in high throughput environments, such as airports, sea ports, and other public places. Chemical detection using existing sensor systems is facing a major challenge of selectivity. In this review, we provide a brief summary of chemical threats of homeland security importance; focus in detail on modern concepts in chemical sensing; examine the origins of the most significant unmet needs in existing chemical sensors; and, analyze opportunities, specific requirements, and challenges for wireless chemical sensors and wireless sensor networks (WSNs). We further review a new approach for selective chemical sensing that involves the combination of a sensing material that has different response mechanisms to different species of interest, with a transducer that has a multi-variable signal-transduction ability. This new selective chemical-sensing approach was realized using an attractive ubiquitous platform of battery-free passive radio-frequency identification (RFID) tags adapted for chemical sensing. We illustrate the performance of RFID sensors developed in measurements of toxic industrial materials, humidity-independent detection of toxic vapors, and detection of chemical-agent simulants, explosives, and strong oxidizers. PMID:23175590

Potyrailo, Radislav A; Nagraj, Nandini; Surman, Cheryl; Boudries, Hacene; Lai, Hanh; Slocik, Joseph M; Kelley-Loughnane, Nancy; Naik, Rajesh R

2012-11-01

499

SecurityFocus  

NSDL National Science Digital Library

This news service from SecurityFocus is an excellent resource to learn about important computer security warnings and alerts. The Web site keeps track of many widely used software applications, while reporting known vulnerabilities as they are found. Viruses and worms are another key topic that receives significant attention. Several columns offer expert advice and tips to efficiently use and understand software for different platforms. Government security is covered in the news section, discussing federal practices and legislation related to the national network infrastructure. Because the articles have such a broad scope, the material can be useful for both home and business users.

1999-01-01

500

Collaborative Multi-Domains Users' Authentication Framework for Shareable Web Applications  

NASA Astrophysics Data System (ADS)

A single service provider domain logon server provides users from different clients domains with a single authentication and authorization mechanism. The logon server provides a Web-based framework implementing single-sign-on and a flexible access control across multiple domains. A single logon server model is motivated by economy of resources usage, increase in security, flexibility of security management, improving general users' satisfaction and increase the productivity of IT personals. The framework described in this paper is based on pragmatic principle of simplicity, usability and expandability. It is designed in a way that is easy to understand, implement, maintain, use, and expand.

Encheva, Sylvia; Tumin, Sharil

2008-11-01