439 research outputs found
A Practical T-P3R2 Model to Test Dynamic Websites
Present day web applications are very complex as they employ more objects (controls) on a web page than traditional web applications. This results in more memory leaks, more CPU utilizations and longer test executions. Furthermore, today websites are dynamic meaning that the web pages are loaded according to the users input. Higher complexity of web software means more insecure website. This increases the attack surfaces. In this paper, it is proposed to use both Test-Driven Development (TDD) and white-box testing together to handle the dynamic aspects of web applications. Also, it proposes a new practical T-P3 R2 model to cope with dynamism of websites. Keywords: Dynamic website testing, TDD, Web Application Trees (WAT), Path testing
Ten Years of Rich Internet Applications: A Systematic Mapping Study, and Beyond
BACKGROUND: The term Rich Internet Applications (RIAs) is generally associated with Web appli-
cations that provide the features and functionality of traditional desktop applications. Ten years after the
introduction of the term, an ample amount of research has been carried out to study various aspects of
RIAs. It has thus become essential to summarize this research and provide an adequate overview.
OBJECTIVE: The objective of our study is to assemble, classify and analyze all RIA research performed
in the scienti c community, thus providing a consolidated overview thereof, and to identify well-established
topics, trends and open research issues. Additionally, we provide a qualitative discussion of the most inter-
esting ndings. This work therefore serves as a reference work for beginning and established RIA researchers
alike, as well as for industrial actors that need an introduction in the eld, or seek pointers to (a speci c
subset of) the state-of-the-art.
METHOD: A systematic mapping study is performed in order to identify all RIA-related publications,
de ne a classi cation scheme, and categorize, analyze, and discuss the identi ed research according to it.
RESULTS: Our source identi cation phase resulted in 133 relevant, peer-reviewed publications, published
between 2002 and 2011 in a wide variety of venues. They were subsequently classi ed according to four facets:
development activity, research topic, contribution type and research type. Pie, stacked bar and bubble charts
were used to visualize and analyze the results. A deeper analysis is provided for the most interesting and/or
remarkable results.
CONCLUSION: Analysis of the results shows that, although the RIA term was coined in 2002, the rst
RIA-related research appeared in 2004. From 2007 there was a signi cant increase in research activity,
peaking in 2009 and decreasing to pre-2009 levels afterwards. All development phases are covered in the
identi ed research, with emphasis on \design" (33%) and \implementation" (29%). The majority of research
proposes a \method" (44%), followed by \model" (22%), \methodology" (18%) and \tools" (16%); no
publications in the category \metrics" were found. The preponderant research topic is \models, methods
and methodologies" (23%) and to a lesser extent, \usability & accessibility" and \user interface" (11% each).
On the other hand, the topic \localization, internationalization & multi-linguality" received no attention at
all, and topics such as \deep web" (under 1%), \business processing", \usage analysis", \data management",
\quality & metrics", (all under 2%), \semantics" and \performance" (slightly above 2%) received very few
attention. Finally, there is a large majority of \solution proposals" (66%), few \evaluation research" (14%)
and even fewer \validation" (6%), although the latter are increasing in recent years
Hikester - the event management application
Today social networks and services are one of the most important part of our
everyday life. Most of the daily activities, such as communicating with
friends, reading news or dating is usually done using social networks. However,
there are activities for which social networks do not yet provide adequate
support. This paper focuses on event management and introduces "Hikester". The
main objective of this service is to provide users with the possibility to
create any event they desire and to invite other users. "Hikester" supports the
creation and management of events like attendance of football matches, quest
rooms, shared train rides or visit of museums in foreign countries. Here we
discuss the project architecture as well as the detailed implementation of the
system components: the recommender system, the spam recognition service and the
parameters optimizer
Re-engineering strategies for legacy software systems
Re-engineering can be described as a process for updating an existing system in order to meet
new requirements. Restructuring and refactoring are activities that can be performed as a part of
the re-engineering process. Supporting new requirements like migrating to new frameworks, new
environments and architectural styles is essential for preservation of quality attributes like maintainability and evolvability. Many larger legacy systems slowly deteriorate over time in quality and
adding new functionality becomes increasingly difficult and costly as technical debt accumulates.
To modernize a legacy system and improve the cost effectiveness of implementing new features a
re-engineering process is often needed. The alternative is to develop a completely new system but
this can often lead to loss of years of accumulated functionality and be too expensive.
Re-engineering strategies can be specialized and solve specific needs like cloud migration or be more
generic in nature supporting several kinds of needs. Different approaches are suitable for different
kinds of source and target systems. The choice of a re-engineering strategy is also influenced by
organisational and business factors. The re-engineering of a highly tailored legacy system in a small
organisation is different from re-engineering a scalable system in a large organisation. Generic and
flexible solutions are well suited for especially smaller organisations with complex systems.
The re-engineering strategy Renaissance was applied in a case study at Roima Intelligence Oy in order to find out if such a strategy is realistically usable, useful and valuable for a smaller organization.
The results show that a re-engineering strategy is possible to be used with low overhead in order to
prioritize different parts of the system and determining a suitable modernization plan. Renaissance
was also shown to add value especially in the form of deeper understanding of the system and a
structured way to evaluate different options for modernization. This is achieved through assessing
the system from different views taking into account especially business and technical aspects. A
lesson learned about Renaissance is that determining an optimal scope for the system assessment is
challenging. The results are applicable for other organisations dealing with complex legacy systems
with constrained resources.
Limitations of the study are that the number of different kinds of re-engineering strategies discussed
is small and more suitable strategies than Renaissance could be discovered with a systematic mapping study. The amount of experts participating in the process itself as well as the evaluation was
also low, introducing some uncertainty to the validity of the results.
Further research is needed in order to determine how specialized and generic re-engineering strategies compare in terms of needed resources and added value
Semantics and Security Issues in JavaScript
There is a plethora of research articles describing the deep semantics of
JavaScript. Nevertheless, such articles are often difficult to grasp for
readers not familiar with formal semantics. In this report, we propose a digest
of the semantics of JavaScript centered around security concerns. This document
proposes an overview of the JavaScript language and the misleading semantic
points in its design. The first part of the document describes the main
characteristics of the language itself. The second part presents how those
characteristics can lead to problems. It finishes by showing some coding
patterns to avoid certain traps and presents some ECMAScript 5 new features.Comment: Deliverable Resilience FUI 12: 7.3.2.1 Failles de s\'ecurit\'e en
JavaScript / JavaScript security issue
- …