10,427 research outputs found
Web Engineering Security (WES) Methodology
The impact of the World Wide Web on basic operational economical components in global information-rich civilizations is significant. The repercussions force organizations to provide justification for security from a business-case perspective and to focus on security from a Web application development environment standpoint. The need for clarity promoted an investigation through the acquisition of empirical evidence from a high level Web survey and a more detailed industry survey to analyze security in the Web application development environment ultimately contributing to the proposal of the Essential Elements (EE) and the Security Criteria for Web Application Development (SCWAD). The synthesis of information provided was used to develop the Web Engineering Security (WES) methodology. WES is a proactive, flexible, process neutral security methodology with customizable components that is based on empirical evidence and used to explicitly integrate security throughout an organization’s chosen application development process
A process based approach software certification model for agile and secure environment
In today’s business environment, Agile and secure software processes are essential since they bring high quality and secured software to market faster and more cost effectively. Unfortunately, some software practitioners are not following the proper
practices of both processes when developing software. There exist various studies which assess the quality of software process; nevertheless, their focus is on the conventional software process. Furthermore, they do not consider weight values in the assessment although each evaluation criterion might have different importance.
Consequently, software certification is needed to give conformance on the quality of Agile and secure software processes. Therefore, the objective of this thesis is to propose Extended Software Process Assessment and Certification Model (ESPAC) which addresses both software processes and considers the weight values during the assessment. The study is conducted in four phases: 1) theoretical study to examine the factors and practices that influence the quality of Agile and secure software processes
and weight value allocation techniques, 2) an exploratory study which was participated by 114 software practitioners to investigate their current practices, 3) development of an enhanced software process certification model which considers process, people, technology, project constraint and environment, provides certification guideline and utilizes the Analytic Hierarchy Process (AHP) for weight values allocation and 4) verification of Agile and secure software processes and AHP
through expert reviews followed by validation on satisfaction and practicality of the proposed model through focus group discussion. The validation result shows that ESPAC Model gained software practitioners’ satisfaction and practical to be executed in the real environment. The contributions of this study straddle research perspectives
of Software Process Assessment and Certification and Multiple Criteria Decision Making, and practical perspectives by providing software practitioners and assessors a mechanism to reveal the quality of software process and helps investors and customers in making investment decisions
GeoBlockchain: The Analysis, Design, and Evaluation of a Spatially Enabled Blockchain
Land ownership and supply chain use cases are an enormous business challenge for both the public and private sectors. Every organization has different needs and wants, and they are researching and exploring ways to add value and impact their ownership tracing processes. Geospatial and Blockchain technologies are two emerging trends that could help an organization add value in this manner. The combination of blockchain and geospatial technologies would result in the new concept of GeoBlockchain, defined here as an artifact that could be used to study the trends and behaviours of participants (users) geographically and spatially, based on distributed nodes, transactions, and geo-locations through the blockchain technology.
GeoBlockchain can also be used to visually display geo-ownership tracing processes (points, lines, and polygons) demonstrating the importance of geography. The result of this research was the design, development, implementation, and evaluation of a Spatially Enabled Blockchain ICT artifacts. Each prototype artifact was built using ArcGIS Enterprise and Hyperledger Fabric. The architecture designs were implemented with on-premises and cloud environments and evaluated based on users’ usability and sociotechnical metrics. This research indicates that blockchain technology can be integrated with geospatial technology, resulting in the GeoBlockchain framework along with its attendant implementation criteria in the age of GeoBlockchain
Agile Based Development Methodology for Mobile Commerce Applications
There are several system development methodologies including traditional and agile methodologies which are being utilized in current systems development. However, it could be argued that existing methodologies may not be suitable for the development of mobile commerce applications as these applications are utilized in different contexts from conventional fixed e-commerce applications such as they are displayed on a small screen device, they are utilized in an unstable or movable environment and they need to be used in a secured environment to deliver financial transactions over mobile network. This study aimed to construct an agile based development methodology for mobile commerce applications. In order to achieve this aim, three objectives have been proposed including identification of essential issues for developing m-commerce applications, construction of a predictable agile based methodology used for developing m-commerce applications and evaluation for its applicability and practicality. The research methodology used in the study is the design research, which include the steps of awareness of problems, suggestion, development, evaluation and conclusion. The research methods used to assist the mentioned research methodology include literature analysis, industry visits, semi-structured interview, survey, formulative research and experimental evaluation. The methodology constructed contains the integration of essential factors in each phase of systems development life cycle as well as guidelines to follow for conducting activities in the application development, including specific models, tools, and techniques. From the evaluation of the constructed methodology, the results showed two essential outcomes. Firstly, the constructed methodology is applicable as it can be used to build the intended system, mobile commerce applications in this case. Secondly, for practicality, it showed that the constructed methodology is practical as when comparing to the traditional waterfall development by using the eleven measurements specified, it exposed more benefits to the development process
Management of quality requirements in agile and rapid software development: A systematic mapping study
Context:
Quality requirements (QRs) describe the desired quality of software, and they play an important role in the success of software projects. In agile software development (ASD), QRs are often ill-defined and not well addressed due to the focus on quickly delivering functionality. Rapid software development (RSD) approaches (e.g., continuous delivery and continuous deployment), which shorten delivery times, are more prone to neglect QRs. Despite the significance of QRs in both ASD and RSD, there is limited synthesized knowledge on their management in those approaches.
Objective:
This study aims to synthesize state-of-the-art knowledge about QR management in ASD and RSD, focusing on three aspects: bibliometric, strategies, and challenges.
Research method:
Using a systematic mapping study with a snowballing search strategy, we identified and structured the literature on QR management in ASD and RSD.
Results:
We found 156 primary studies: 106 are empirical studies, 16 are experience reports, and 34 are theoretical studies. Security and performance were the most commonly reported QR types. We identified various QR management strategies: 74 practices, 43 methods, 13 models, 12 frameworks, 11 advices, 10 tools, and 7 guidelines. Additionally, we identified 18 categories and 4 non-recurring challenges of managing QRs. The limited ability of ASD to handle QRs, time constraints due to short iteration cycles, limitations regarding the testing of QRs and neglect of QRs were the top categories of challenges.
Conclusion:
Management of QRs is significant in ASD and is becoming important in RSD. This study identified research gaps, such as the need for more tools and guidelines, lightweight QR management strategies that fit short iteration cycles, investigations of the link between QRs challenges and technical debt, and extension of empirical validation of existing strategies to a wider context. It also synthesizes QR management strategies and challenges, which may be useful for practitioners.Peer ReviewedPostprint (author's final draft
Approach to attributed feature modeling for requirements elicitation in Scrum agile development
Requirements elicitation is a core activity of requirements engineering for the product to be developed. The knowledge that has been gained during requirements engineering about the product to be developed forms the basis for requirement elicitation. The agile approach is becoming known day by day as the most widely used innovative process in the domain of requirements engineering. Requirements elicitation in agile development faces several challenges. Requirements must be gathered sufficiently to reflect stakeholders' needs. Furthermore, because of the development process, requirements evolve, and they must be adequately treated to keep up with the changing demands of the market and the passage of time. Another challenge with agile implementation is handling non-functional requirements in software development. Addressing non- functional requirements is still a critical factor in the success of any product. Requirements prioritization is also one of the most challenging tasks, and it is uncommon for requirement engineers to be able to specify and document all the requirements at once. This paper presents an approach for requirements elicitation in scrum-based agile development. The approach operates with the feature modeling technique, which is originally used in the Software Product Line (SPL). One of the most important proposed extensions to Feature Models (FMs) is the introduction of feature attributes. Our method uses attributed FMs to consider both functional and non-functional requirements as well as requirement prioritization. For the evaluation purposes, we have demonstrated our approach through two case studies in different domains of software product development. The first case study is in the domain of education, and the second one is in the domain of health care. The results reveal that our approach fits the requirements elicitation process in scrum agile development.Bourns College of Engineering, University of California, Riverside(undefined
IS Human Capital: Assessing Gaps to Strengthen Skill and Competency Sourcing
Past research has mainly focused on defining information systems (IS) skills and competencies at the industry or global level; it has offered little guidance on best practices for managing IS at the organization level. And yet, a resource-based view indicates that failure to properly manage skills and competencies could lead to suboptimal outcomes such as a loss of IS process knowledge and innovation, an inability to adequately evaluate vendor performance, and a lack of critical skills and competencies needed to meet future demands. In this paper, we examine how one government agency managed its systems for testing personnel. We describe the need for a process to assess IS skills and competencies in order to analyze the gaps and ensure they are filled. A concrete understanding of existing gaps guides sourcing of skills and competencies through hiring, training, internal transfers, and work allocation. This paper presents an effective methodology for this purpose
- …