Security and computer forensics in web engineering education

The integration of security and forensics into Web Engineering curricula is imperative! Poor security in web-based applications is continuing to cost organizations millions and the losses are still increasing annually. Security is frequently taught as a stand-alone course, assuming that security can be 'bolted on' to a web application at some point. Security issues must be integrated into Web Engineering processes right from the beginning to create secure solutions and therefore security should be an integral part of a Web Engineering curriculum. One aspect of Computer forensics investigates failures in security. Hence, students should be aware of the issues in forensics and how to respond when security failures occur; collecting evidence is particularly difficult for Web-based applications

An Automated Testing Approach For Pxi Chassis Software Driver

PXI chassis is a multi-vendor interoperable device, it can interconnect with many chassis, module and computer type. To make sure the device driver is able to function in specific configuration it must go through a series of testing. The complexity of PXI software testing has increased when it need to cover multiple configuration for single driver. Majority of the automated test system will execute test without have a mechanism to verify the test environment. The current trend of automated software test only execute on single test configuration, to improve the PXI chassis IVI driver test duration a test software with the capability of execute multi test configuration is developed. In order to develop this tool, a server-client concept is adopted. The advantage of server-client is to centralize the testing when multiple test system perform test at same time. The software tool client will start once completely boot in to operating system, the test system will connect to server and wait for further action from server. When server detected incoming client connection it will automatically verify and fix the testing environment, if the client fulfilled the test suite requirement it will start execute test. All clients test summary result will be feedbacked to server. The results show an average of 17.1% test duration reduction on the planned test configuration when the automated software tool applied on testing. Besides that the results suggest that execute the test on higher controller hardware performance can reduce the test duration as well

A Process Framework for Semantics-aware Tourism Information Systems

The growing sophistication of user requirements in tourism due to the advent of new technologies such as the Semantic Web and mobile computing has imposed new possibilities for improved intelligence in Tourism Information Systems (TIS). Traditional software engineering and web engineering approaches cannot suffice, hence the need to find new product development approaches that would sufficiently enable the next generation of TIS. The next generation of TIS are expected among other things to: enable semantics-based information processing, exhibit natural language capabilities, facilitate inter-organization exchange of information in a seamless way, and evolve proactively in tandem with dynamic user requirements. In this paper, a product development approach called Product Line for Ontology-based Semantics-Aware Tourism Information Systems (PLOSATIS) which is a novel hybridization of software product line engineering, and Semantic Web engineering concepts is proposed. PLOSATIS is presented as potentially effective, predictable and amenable to software process improvement initiatives

Unified System on Chip RESTAPI Service (USOCRS)

Abstract. This thesis investigates the development of a Unified System on Chip RESTAPI Service (USOCRS) to enhance the efficiency and effectiveness of SOC verification reporting. The research aims to overcome the challenges associated with the transfer, utilization, and interpretation of SoC verification reports by creating a unified platform that integrates various tools and technologies. The research methodology used in this study follows a design science approach. A thorough literature review was conducted to explore existing approaches and technologies related to SOC verification reporting, automation, data visualization, and API development. The review revealed gaps in the current state of the field, providing a basis for further investigation. Using the insights gained from the literature review, a system design and implementation plan were developed. This plan makes use of cutting-edge technologies such as FASTAPI, SQL and NoSQL databases, Azure Active Directory for authentication, and Cloud services. The Verification Toolbox was employed to validate SoC reports based on the organization’s standards. The system went through manual testing, and user satisfaction was evaluated to ensure its functionality and usability. The results of this study demonstrate the successful design and implementation of the USOCRS, offering SOC engineers a unified and secure platform for uploading, validating, storing, and retrieving verification reports. The USOCRS facilitates seamless communication between users and the API, granting easy access to vital information including successes, failures, and test coverage derived from submitted SoC verification reports. By automating and standardizing the SOC verification reporting process, the USOCRS eliminates manual and repetitive tasks usually done by developers, thereby enhancing productivity, and establishing a robust and reliable framework for report storage and retrieval. Through the integration of diverse tools and technologies, the USOCRS presents a comprehensive solution that adheres to the required specifications of the SOC schema used within the organization. Furthermore, the USOCRS significantly improves the efficiency and effectiveness of SOC verification reporting. It facilitates the submission process, reduces latency through optimized data storage, and enables meaningful extraction and analysis of report data

E-Business Application Development with Java Technology and Oracle: The Fortune Invest Inc. Case

Due to the popularity of E-business applications, Web-based database application development has become an important topic in the information systems curriculum. There is a need to explore ways to teach such a topic effectively. This paper presents a teaching case on the development of an e-business application for Fortune Invest Inc. using Java server technology with Java Database Connectivity to Oracle databases. The teaching case has the following features: 1) complete coverage of the fundamentals of e-business application development. 2) systematic integration of the knowledge in database design, implementation, programming languages, networking, Web development and system analysis. 3) script execution independent of any platforms. 4) accessible web sites on the Internet with sample code provided. The teaching case was tested in upper division CIS courses in three academic quarters during the past two years at California State University, Los Angeles. The teaching approach emphasizes learning by doing in order to motivate the student and to produce an effective learning outcome. The paper is accompanied by comprehensive teaching notes as well as executable programming scripts