Proposing a secure component-based-application logic and system’s integration testing approach

Software engineering moved from traditional methods of software enterprise applications to com-ponent based development for distributed system’s applications. This new era has grown up forlast few years, with component-based methods, for design and rapid development of systems, butfact is that , deployment of all secure software features of technology into practical e-commercedistributed systems are higher rated target for intruders. Although most of research has been con-ducted on web application services that use a large share of the present software, but on the otherside Component Based Software in the middle tier ,which rapidly develops application logic, alsoopen security breaching opportunities .This research paper focus on a burning issue for researchersand scientists ,a weakest link in component based distributed system, logical attacks, that cannotbe detected with any intrusion detection system within the middle tier e-commerce distributed ap-plications. We proposed An Approach of Secure Designing application logic for distributed system,while dealing with logically vulnerability issue

Performing Hybrid Recommendation in Intermodal Transportation – the FTMarket System’s Recommendation Module

Diverse recommendation techniques have been already proposed and encapsulated into several e-business applications, aiming to perform a more accurate evaluation of the existing information and accordingly augment the assistance provided to the users involved. This paper reports on the development and integration of a recommendation module in an agent-based transportation transactions management system. The module is built according to a novel hybrid recommendation technique, which combines the advantages of collaborative filtering and knowledge-based approaches. The proposed technique and supporting module assist customers in considering in detail alternative transportation transactions that satisfy their requests, as well as in evaluating completed transactions. The related services are invoked through a software agent that constructs the appropriate knowledge rules and performs a synthesis of the recommendation policy

Open semantic service networks

Online service marketplaces will soon be part of the economy to scale the provision of specialized multi-party services through automation and standardization. Current research, such as the *-USDL service description language family, is already defining the basic building blocks to model the next generation of business services. Nonetheless, the developments being made do not target to interconnect services via service relationships. Without the concept of relationship, marketplaces will be seen as mere functional silos containing service descriptions. Yet, in real economies, all services are related and connected. Therefore, to address this gap we introduce the concept of open semantic service network (OSSN), concerned with the establishment of rich relationships between services. These networks will provide valuable knowledge on the global service economy, which can be exploited for many socio-economic and scientific purposes such as service network analysis, management, and control

Intrusion detection and prevention of web service attacks for software as a service:Fuzzy association rules vs fuzzy associative patterns

Cloud computing inherits all the systems, networks as well asWeb Services’ security vulnerabilities, in particular for software as a service (SaaS), where business applications or services are provided over the Cloud as Web Service (WS). Hence, WS-based applications must be protected against loss of integrity, confidentiality and availability when they are deployed over to the Cloud environment. Many existing IDP systems address only attacks mostly occurring at PaaS and IaaS. In this paper, we present our fuzzy association rule-based (FAR) and fuzzy associative pattern-based (FAP) intrusion detection and prevention (IDP) systems in defending against WS attacks at the SaaS level. Our experimental results have validated the capabilities of these two IDP systems in terms of detection of known attacks and prediction of newvariant attacks with accuracy close to 100%. For each transaction transacted over the Cloud platform, detection, prevention or prediction is carried out in less than five seconds. For load and volume testing on the SaaS where the system is under stress (at a work load of 5000 concurrent users submitting normal, suspicious and malicious transactions over a time interval of 300 seconds), the FAR IDP system provides close to 95% service availability to normal transactions. Future work involves determining more quality attributes besides service availability, such as latency, throughput and accountability for a more trustworthy SaaS

Spott : on-the-spot e-commerce for television using deep learning-based video analysis techniques

Spott is an innovative second screen mobile multimedia application which offers viewers relevant information on objects (e.g., clothing, furniture, food) they see and like on their television screens. The application enables interaction between TV audiences and brands, so producers and advertisers can offer potential consumers tailored promotions, e-shop items, and/or free samples. In line with the current views on innovation management, the technological excellence of the Spott application is coupled with iterative user involvement throughout the entire development process. This article discusses both of these aspects and how they impact each other. First, we focus on the technological building blocks that facilitate the (semi-) automatic interactive tagging process of objects in the video streams. The majority of these building blocks extensively make use of novel and state-of-the-art deep learning concepts and methodologies. We show how these deep learning based video analysis techniques facilitate video summarization, semantic keyframe clustering, and (similar) object retrieval. Secondly, we provide insights in user tests that have been performed to evaluate and optimize the application's user experience. The lessons learned from these open field tests have already been an essential input in the technology development and will further shape the future modifications to the Spott application

Optimal QoS aware multiple paths web service composition using heuristic algorithms and data mining techniques

The goal of QoS-aware service composition is to generate optimal composite services that satisfy the QoS requirements defined by clients. However, when compositions contain more than one execution path (i.e., multiple path's compositions), it is difficult to generate a composite service that simultaneously optimizes all the execution paths involved in the composite service at the same time while meeting the QoS requirements. This issue brings us to the challenge of solving the QoS-aware service composition problem, so called an optimization problem. A further research challenge is the determination of the QoS characteristics that can be considered as selection criteria. In this thesis, a smart QoS-aware service composition approach is proposed. The aim is to solve the above-mentioned problems via an optimization mechanism based upon the combination between runtime path prediction method and heuristic algorithms. This mechanism is performed in two steps. First, the runtime path prediction method predicts, at runtime, and just before the actual composition, execution, the execution path that will potentially be executed. Second, both the constructive procedure (CP) and the complementary procedure (CCP) heuristic algorithms computed the optimization considering only the execution path that has been predicted by the runtime path prediction method for criteria selection, eight QoS characteristics are suggested after investigating related works on the area of web service and web service composition. Furthermore, prioritizing the selected QoS criteria is suggested in order to assist clients when choosing the right criteria. Experiments via WEKA tool and simulation prototype were conducted to evaluate the methods used. For the runtime path prediction method, the results showed that the path prediction method achieved promising prediction accuracy, and the number of paths involved in the prediction did not affect the accuracy. For the optimization mechanism, the evaluation was conducted by comparing the mechanism with relevant optimization techniques. The simulation results showed that the proposed optimization mechanism outperforms the relevant optimization techniques by (1) generating the highest overall QoS ratio solutions, (2) consuming the smallest computation time, and (3) producing the lowest percentage of constraints violated number