Trusted Operating System-Based Model-Driven Development of Secure Web Applications

  • Nitish Pathak
  • Girish Sharma
  • B. M. Singh
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 731)


This paper adds security engineering into an object-oriented model-driven software development for real-life Web applications. In this paper, we use mining patterns in Web applications. This research paper proposes a unified modeling language-based secure software maintenance procedure. The proposed method is applied for maintaining a large-scale software product and real-life product-line products. After modeling, we can implement and run this Web application, on SPF-based trusted operating systems. As we know, reverse engineering of old software is focused on the understanding of legacy program code without having proper software documentation. The extracted design information was used to implement a new version of the software program written in C++. For secure designing of Web applications, this paper proposes system security performance model for trusted operating system. For re-engineering and re-implementation process of Web applications, this paper proposes the model-driven round-trip engineering approach.


Design patterns Design recovery Reverse engineering structured design Re-implementation and re-engineering language translation Temporal patterns Navigation patterns 


  1. 1.
    Briand, L.C., Di Penta, M., Labiche, Y.: An experimental investigation of formality in UML-based development. IEEE Trans. Softw. Eng. 31(10) (2005)Google Scholar
  2. 2.
    Xing, Z., Stroulia, E.: Analyzing the evolutionary history of the logical design of object-oriented software. IEEE Trans. Softw. Eng. 31(10) (2005)Google Scholar
  3. 3.
    Brambilla, M., Ceri, S., Fraternali, P.: Process modeling in web applications. ACM Trans. Softw. Eng. Methodol. 15(4) (2006)Google Scholar
  4. 4.
    Simons, C.L., Parmee, I.C., Gwynllyw, R.: Interactive, evolutionary search in upstream object-oriented class design. IEEE Trans. Softw. Eng. 36(6) (2010)Google Scholar
  5. 5.
    Fonseca, J., Vieira, M., Madeira, H.: Evaluation of web security mechanisms using vulnerability & attack injection. IEEE Trans. Dependable Secure Comput. 11(5) (2014)Google Scholar
  6. 6.
    De Lucia, A., Gravino, C., Oliveto, R., Tortora, G: An experimental comparison of ER and UML class diagrams for data modeling. Empirical Softw. Eng. 15, 455–492 (2010). © Springer Science + Business Media, LLC 2009
  7. 7.
    Bernardi, S., Merseguer, J., Petriu, D.C.: Dependability modeling and analysis of software systems specified with UML. ACM Comput. Surv. 45(1), Article 2 (2012)Google Scholar
  8. 8.
    Wu, O., Hu, W.: Measuring the visual complexities of web pages. ACM Trans. Web 7(1), Article 1 (2013)Google Scholar
  9. 9.
    Desnoyers, P., Wood, T., Shenoy, P.: Modellus: automated modeling of complex internet data center applications. ACM Trans. Web 6(2), Article 8 (2012)Google Scholar
  10. 10.
    Marcus, A., Poshyvanyk, D.: Using the conceptual cohesion of classes for fault prediction in object-oriented systems. IEEE Trans. Softw. Eng. 34(2) (2008)Google Scholar
  11. 11.
    Pathak, N., Sharma, G., Singh, B.M.: Forward engineering based implementation of TOS in social networking. Int. J. Comput. Appl. USA 102(11), 33–38 (2014). ISSN: 0975–8887Google Scholar
  12. 12.
  13. 13.
    Pathak, N., Sharma, G., Singh, B.M.: Designing of SPF based secure web application using forward engineering. In: IEEE International Conference on IndiaCom2014, pp 464–469. IEEE Xplore (2015). ISBN: 978-9-3805-4415-1Google Scholar
  14. 14.
    Runeson, P., Höst, M.: Guidelines for conducting and reporting case study research in software engineering. Empirical Softw. Eng. 14, 131–164 (2009). Open access at, Dec 2008
  15. 15.
    Pathak, N., Sharma, G., Singh, B.M.: Experimental analysis of SPF based secure web application. Int. J. Mod. Educ. Comput. Sci., 48–55 (2015). ISSN: 2075-0161Google Scholar
  16. 16.
    Kosiuczenko, P.: Redesign of UML class diagrams: a formal approach. Softw. Syst. Model. 8, 165–183 (2009). (Nov 2007 © Springer 2007)
  17. 17.
    Barna, P., Frasincar, F.: A workflow-driven design of web information systems. In: ICWE’06, 11–14 July 2006, Palo Alto, California, USA. ACM 1-59593-352-2/06/0007Google Scholar
  18. 18.
    Davis, J.P.: Propositional logic constraint patterns and their use in UML-based conceptual modeling and analysis. IEEE Trans. Knowl. Data Eng. 19(3) (2007)Google Scholar
  19. 19.
    Barrett, R., Pahl, C., Patcas, L.M., Murphy, J.: Model driven distribution pattern design for dynamic web service compositions. In: ICWE’06, 11–14 July 2006, Palo Alto, California, USA. ACM 1-59593-352-2/06/0007Google Scholar
  20. 20.
    Cooley, R.: The use of web structure and content to identify subjectively interesting web usage patterns. ACM Trans. Internet Technol. 3(2), 93–116 (2003)Google Scholar
  21. 21.
    Trujillo, J.: A report on the first international workshop on best practices of UML (BP-UML’05). In: SIGMOD Record, vol. 35, no. 3, Sept 2006Google Scholar
  22. 22.
    Ricci, L.A., Schwabe, D.: An authoring environment for model-driven web applications. In: WebMedia’06, 19–22 Nov 2006, Natal, RN, Brazil. Copyright 2006 ACM 85-7669-100-0/06/0011Google Scholar
  23. 23.
    Jiang, D., Pei, J., Li, H.: Mining search and browse logs for web search: a survey. ACM Trans. Intell. Syst. Technol. 4(4), Article 57 (2013)Google Scholar
  24. 24.
    Valderas, P., Pelechano, V.: A survey of requirements specification in model-driven development of web applications. ACM Trans. Web 5(2), Article 10 (2011)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.UTUDehradunIndia
  2. 2.Department of Computer ScienceBPIBS, Government of NCT of DelhiNew DelhiIndia
  3. 3.Department of Computer Science and EngineeringCollege of EngineeringRoorkeeIndia

Personalised recommendations