A Practical T-P3R2 Model to Test Dynamic Websites

Present day web applications are very complex as they employ more objects (controls) on a web page than traditional web applications. This results in more memory leaks, more CPU utilizations and longer test executions. Furthermore, today websites are dynamic meaning that the web pages are loaded according to the users input. Higher complexity of web software means more insecure website. This increases the attack surfaces. In this paper, it is proposed to use both Test-Driven Development (TDD) and white-box testing together to handle the dynamic aspects of web applications. Also, it proposes a new practical T-P3 R2 model to cope with dynamism of websites. Keywords: Dynamic website testing, TDD, Web Application Trees (WAT), Path testing

Ten Years of Rich Internet Applications: A Systematic Mapping Study, and Beyond

BACKGROUND: The term Rich Internet Applications (RIAs) is generally associated with Web appli- cations that provide the features and functionality of traditional desktop applications. Ten years after the introduction of the term, an ample amount of research has been carried out to study various aspects of RIAs. It has thus become essential to summarize this research and provide an adequate overview. OBJECTIVE: The objective of our study is to assemble, classify and analyze all RIA research performed in the scienti c community, thus providing a consolidated overview thereof, and to identify well-established topics, trends and open research issues. Additionally, we provide a qualitative discussion of the most inter- esting ndings. This work therefore serves as a reference work for beginning and established RIA researchers alike, as well as for industrial actors that need an introduction in the eld, or seek pointers to (a speci c subset of) the state-of-the-art. METHOD: A systematic mapping study is performed in order to identify all RIA-related publications, de ne a classi cation scheme, and categorize, analyze, and discuss the identi ed research according to it. RESULTS: Our source identi cation phase resulted in 133 relevant, peer-reviewed publications, published between 2002 and 2011 in a wide variety of venues. They were subsequently classi ed according to four facets: development activity, research topic, contribution type and research type. Pie, stacked bar and bubble charts were used to visualize and analyze the results. A deeper analysis is provided for the most interesting and/or remarkable results. CONCLUSION: Analysis of the results shows that, although the RIA term was coined in 2002, the rst RIA-related research appeared in 2004. From 2007 there was a signi cant increase in research activity, peaking in 2009 and decreasing to pre-2009 levels afterwards. All development phases are covered in the identi ed research, with emphasis on \design" (33%) and \implementation" (29%). The majority of research proposes a \method" (44%), followed by \model" (22%), \methodology" (18%) and \tools" (16%); no publications in the category \metrics" were found. The preponderant research topic is \models, methods and methodologies" (23%) and to a lesser extent, \usability & accessibility" and \user interface" (11% each). On the other hand, the topic \localization, internationalization & multi-linguality" received no attention at all, and topics such as \deep web" (under 1%), \business processing", \usage analysis", \data management", \quality & metrics", (all under 2%), \semantics" and \performance" (slightly above 2%) received very few attention. Finally, there is a large majority of \solution proposals" (66%), few \evaluation research" (14%) and even fewer \validation" (6%), although the latter are increasing in recent years

Hikester - the event management application

Today social networks and services are one of the most important part of our everyday life. Most of the daily activities, such as communicating with friends, reading news or dating is usually done using social networks. However, there are activities for which social networks do not yet provide adequate support. This paper focuses on event management and introduces "Hikester". The main objective of this service is to provide users with the possibility to create any event they desire and to invite other users. "Hikester" supports the creation and management of events like attendance of football matches, quest rooms, shared train rides or visit of museums in foreign countries. Here we discuss the project architecture as well as the detailed implementation of the system components: the recommender system, the spam recognition service and the parameters optimizer

Re-engineering strategies for legacy software systems

Re-engineering can be described as a process for updating an existing system in order to meet new requirements. Restructuring and refactoring are activities that can be performed as a part of the re-engineering process. Supporting new requirements like migrating to new frameworks, new environments and architectural styles is essential for preservation of quality attributes like maintainability and evolvability. Many larger legacy systems slowly deteriorate over time in quality and adding new functionality becomes increasingly difficult and costly as technical debt accumulates. To modernize a legacy system and improve the cost effectiveness of implementing new features a re-engineering process is often needed. The alternative is to develop a completely new system but this can often lead to loss of years of accumulated functionality and be too expensive. Re-engineering strategies can be specialized and solve specific needs like cloud migration or be more generic in nature supporting several kinds of needs. Different approaches are suitable for different kinds of source and target systems. The choice of a re-engineering strategy is also influenced by organisational and business factors. The re-engineering of a highly tailored legacy system in a small organisation is different from re-engineering a scalable system in a large organisation. Generic and flexible solutions are well suited for especially smaller organisations with complex systems. The re-engineering strategy Renaissance was applied in a case study at Roima Intelligence Oy in order to find out if such a strategy is realistically usable, useful and valuable for a smaller organization. The results show that a re-engineering strategy is possible to be used with low overhead in order to prioritize different parts of the system and determining a suitable modernization plan. Renaissance was also shown to add value especially in the form of deeper understanding of the system and a structured way to evaluate different options for modernization. This is achieved through assessing the system from different views taking into account especially business and technical aspects. A lesson learned about Renaissance is that determining an optimal scope for the system assessment is challenging. The results are applicable for other organisations dealing with complex legacy systems with constrained resources. Limitations of the study are that the number of different kinds of re-engineering strategies discussed is small and more suitable strategies than Renaissance could be discovered with a systematic mapping study. The amount of experts participating in the process itself as well as the evaluation was also low, introducing some uncertainty to the validity of the results. Further research is needed in order to determine how specialized and generic re-engineering strategies compare in terms of needed resources and added value

Semantics and Security Issues in JavaScript

There is a plethora of research articles describing the deep semantics of JavaScript. Nevertheless, such articles are often difficult to grasp for readers not familiar with formal semantics. In this report, we propose a digest of the semantics of JavaScript centered around security concerns. This document proposes an overview of the JavaScript language and the misleading semantic points in its design. The first part of the document describes the main characteristics of the language itself. The second part presents how those characteristics can lead to problems. It finishes by showing some coding patterns to avoid certain traps and presents some ECMAScript 5 new features.Comment: Deliverable Resilience FUI 12: 7.3.2.1 Failles de s\'ecurit\'e en JavaScript / JavaScript security issue