Web Security Detection Tool

According to Government Computer News (GCN) web attacks have been marked as all- time high this year. GCN says that some of the leading security software like SOPHOS detected about 15,000 newly infected web pages daily in initial three months of 2008 [13]. This has lead to the need of efficient software to make web applications robust and sustainable to these attacks. While finding information on different types of attacks, I found that SQL injection and cross site scripting are the most famous among attackers. These attacks are used extensively since, they can be performed using different techniques and it is difficult to make a web application completely immune to these attacks. There are myriad detection tools available which help to detect vulnerabilities in web applications. These tools are mainly categorized as white-box and black-box testing tools. In this writing project, we aim to develop a detection tool which would be efficient and helpful for the users to pinpoint possible vulnerabilities in his/her PHP scripts. We propose a technique to integrate the aforementioned categories of tools under one framework to achieve better detection against possible vulnerabilities. Our system focuses on giving the developer a simple and concise tool which would help him/her to correct possible loopholes in the PHP code snippets

Slisp: A Flexible Software Toolkit for Hybrid, Embedded and Distributed Applications

We describe Slisp (pronounced ‘Ess-Lisp’), a hybrid Lisp–C programming toolkit for the development of scriptable and distributed applications. Computationally expensive operations implemented as separate C-coded modules are selectively compiled into a small Xlisp interpreter, then called as Lisp functions in a Lisp-coded program. The resulting hybrid program may run in several modes: as a stand-alone executable, embedded in a different C program, as a networked server accessed from another Slisp client, or as a networked server accessed from a C-coded client. Five years of experience with Slisp, as well experience with other scripting languages such as Tcl and Perl, are summarized. These experiences suggest that Slisp will be most useful for mid-sized applications in which the kinds of scripting and embeddability features provided by Tcl and Perl can be extended in an efficient manner to larger applications, while maintaining a well-defined standard (Common Lisp) for these extensions. In addition, the generality of Lisp makes Lisp a good candidate for an application-level communication language in distributed environments

Integrating Third-party Applications and Information Systems Into the World Wide Web

In this paper we propose a conceptual architecture that integrates with both third-party applications and information systems. We believe that integrating information systems with the Web will go a long way toward making information systems more understandable. We also believe that integrating third-party applications with the Web will lessen the problem that users have to discard applications they use everyday to navigate and publish in the cyberspace

Web browser accessibility using open source software

A Web browser provides a uniform user interface to different types of information. Making this interface universally accessible and more interactive is a long term goal still far from being achieved. Universally accessible browsers require novel interaction modalities and additional functionalities, for which existing browsers tend to provide only partial solutions. Although functionality for Web accessibility can be found as open source and free software components, their reuse and integration is complex because they were developed in diverse implementation environments, following standards and conventions incompatible with the Web. To enable the integration of existing partial solutions within a mainstream Web browser environment, we have developed a middleware infrastructure, AMICO:WEB. This enables browser access to a wide variety of open source and free software components. The main contribution of AMICO:WEB is in enabling the syntactic interoperability between Web extension mechanisms and a variety of integration mechanisms used by open source and free software components. It als

Computational Steering in the Problem Solving Environment WBCSim

Computational steering allows scientists to interactively control a numerical experiment and adjust parameters of the computation on-the-fly and explore “what if ” analysis. Computational steering effectively reduces computational time, makes research more efficient, and opens up new product design opportunities. There are several problem solving environments (PSEs) featuring computational steering. However, there is hardly any work explaining how to enable computational steering for PSEs embedded with legacy simulation codes. This paper describes a practical approach to implement computational steering for such PSEs by using WBCSim as an example. WBCSim is a Web based simulation system designed to increase the productivity of wood scientists conducting research on wood-based composites manufacturing processes. WBCSim serves as a prototypical example for the design, construction, and evaluation of small-scale PSEs. Various changes have been made to support computational steering across the three layers—client, server, developer—comprising the WBCSim system. A detailed description of the WBCSim system architecture is presented, along with a typical scenario of computational steering usage

Integrating heterogeneous open-source software into web browsers using AMICO:WEB

A web browser provides a uniform user interface to different types of information. Making this interface universally accessible and more interactive is a long term goal still far from being achieved. Universally accessible browsers require novel interaction modalities and additional functionalities, for which existing browsers tend to provide only partial solutions. Although functionality for web accessibility can be found as open-source and free software components, their reuse and integration is complex because they were developed in diverse implementation environments, following standards and conventions incompatible with the web. To enable the integration of existing partial solutions within a mainstream web browser environment, we have developed a middleware infrastructure, AMICO:WEB. This enables browser access to a wide variety of open source and free software components. The main contribution of AMICO:WEB is in enabling the syntactic interoperability between web extension mechanisms and a variety of integration mechanisms used by open-source and free software components. It also bridges the semantic differences between the high-level world of web XML-based APIs and the low-level APIs of the device-oriented world. We discuss the design decisions made during the development of AMICO:WEB in the context of web accessibility, using two typical usage scenarios: one describing a disabled user using a mainstream web browser with additional interaction modalities; another describing a non-disabled user browsing in a suboptimal interaction situation

Designing A General Deep Web Access Approach Based On A Newly Introduced Factor; Harvestability Factor (HF)

The growing need of accessing more and more information draws attentions to huge amount of data hidden behind web forms defined as deep web. To make this data accessible, harvesters have a crucial role. Targeting different domains and websites enhances the need to have a general-purpose harvester which can be applied to different settings and situations. To develop such a harvester, a number of issues should be considered. Among these issues, business domain features, targeted websites' features, and the harvesting goals are the most influential ones. To consider all these elements in one big picture, a new concept, called harvestability factor (HF), is introduced in this paper. The HF is defined as an attribute of a website (HF_w) or a harvester (HF_h) representing the extent to which the website can be harvested or the harvester can harvest. The comprising elements of these factors are different websites' (for HF_w) or harvesters' (for HF_h) features. These features are presented in this paper by gathering a number of them from literature and introducing new ones through the authors' experiments. In addition to enabling websites' or harvesters' designers of evaluating where they products stand from the harvesting perspective, the HF can act as a framework for designing general purpose deep web harvesters. This framework allows filling in the gap in designing general purpose harvesters by focusing on detailed features of deep websites which have effects on harvesting processes. The represented features in this paper provide a thorough list of requirements for designing deep web harvesters which is not done to best of our knowledge in literature in this extent. To validate the effectiveness of HF in practice, it is shown how the HFs' elements can be applied in categorizing deep websites and how this is useful in designing a harvester. To run the experiments, the developed harvester by the authors, is also discussed in this paper

Information brokering on the World Wide Web

Cover title.Includes bibliographical references (p. 6).Stefane Bressan & Thomas Lee

A VISUAL DESIGN METHOD AND ITS APPLICATION TO HIGH RELIABILITY HYPERMEDIA SYSTEMS

This work addresses the problem of the production of hypermedia documentation for applications that require high reliability, particularly technical documentation in safety critical industries. One requirement of this application area is for the availability of a task-based organisation, which can guide and monitor such activities as maintenance and repair. In safety critical applications there must be some guarantee that such sequences are correctly presented. Conventional structuring and design methods for hypermedia systems do not allow such guarantees to be made. A formal design method that is based on a process algebra is proposed as a solution to this problem. Design methods of this kind need to be accessible to information designers. This is achieved by use of a technique already familiar to them: the storyboard. By development of a storyboard notation that is syntactically equivalent to a process algebra a bridge is made between information design and computer science, allowing formal analysis and refinement of the specification drafted by information designers. Process algebras produce imperative structures that do not map easily into the declarative formats used for some hypermedia systems, but can be translated into concurrent programs. This translation process, into a language developed by the author, called ClassiC, is illustrated and the properties that make ClassiC a suitable implementation target discussed. Other possible implementation targets are evaluated, and a comparative illustration given of translation into another likely target, Java