Abstract
This research paper proposes experimental support for secure round-trip engineering and for the use of security performance flexibility trusted operating systems in the design of secure web applications. To address security concerns, we suggest using trusted operating systems as the platform on which these web applications run. To improve the performance of these web applications, we observe that not all security checks in a trusted operating system are necessary. We suggest that the administrator can skip the various unnecessary security checks so that the system performance of these web applications improves. These unnecessary security checks, system calls and operations can be easily identified at the time of requirements elicitation. For example, popular web servers deal with public information: the majority of it is publicly readable and available to all users, but these users should not be able to alter it. This research paper aims to support the efficiency of object-oriented class-based programming and object-oriented modeling in secure software development. Round-trip engineering in the development of complex web applications helps developers restructure code and identify probable bugs or deficiencies for probable improvements, and it helps from the analysis phase through the maintenance phase.
Cite this article
Pathak, N., Singh, B.M. & Sharma, G. UML 2.0 based framework for the development of secure web application. Int. j. inf. tecnol. 9, 101–109 (2017). https://doi.org/10.1007/s41870-017-0001-3
DOI: https://doi.org/10.1007/s41870-017-0001-3