
UML 2.0 based framework for the development of secure web application

  • Original Research
International Journal of Information Technology

Abstract

This research paper proposes experimental support for secure round-trip engineering and for the use of security performance flexibility trusted operating systems in the design of secure web applications. To address security concerns, we suggest using trusted operating systems as the platform on which these web applications run. To improve the performance of these web applications, we observe that not all security checks in a trusted operating system are necessary. We suggest that the administrator can skip various unnecessary security checks so that the system performance of these web applications improves. These unnecessary security checks, system calls and operations can be easily identified at the time of requirements elicitation. For example, popular web servers deal with public information. The majority of this information is publicly readable and available to all users, but these users should not be able to alter the data. This research paper also aims to support the efficiency of object-oriented, class-based programming and object-oriented modeling in secure software development. Round-trip engineering for the development of complex web applications helps developers restructure code and identify probable bugs or deficiencies for possible improvement, and it supports them from the analysis phase through the maintenance phase.




Corresponding author

Correspondence to Nitish Pathak.


Pathak, N., Singh, B.M. & Sharma, G. UML 2.0 based framework for the development of secure web application. Int. j. inf. tecnol. 9, 101–109 (2017). https://doi.org/10.1007/s41870-017-0001-3


  • DOI: https://doi.org/10.1007/s41870-017-0001-3
