271,302 research outputs found
Ghera: A Repository of Android App Vulnerability Benchmarks
Security of mobile apps affects the security of their users. This has fueled
the development of techniques to automatically detect vulnerabilities in mobile
apps and help developers secure their apps; specifically, in the context of
Android platform due to openness and ubiquitousness of the platform. Despite a
slew of research efforts in this space, there is no comprehensive repository of
up-to-date and lean benchmarks that contain most of the known Android app
vulnerabilities and, consequently, can be used to rigorously evaluate both
existing and new vulnerability detection techniques and help developers learn
about Android app vulnerabilities. In this paper, we describe Ghera, an open
source repository of benchmarks that capture 25 known vulnerabilities in
Android apps (as pairs of exploited/benign and exploiting/malicious apps). We
also present desirable characteristics of vulnerability benchmarks and
repositories that we uncovered while creating Ghera.Comment: 10 pages. Accepted at PROMISE'1
Architectural reflection for software evolution
Software evolution is expensive. Lehman identifies several
problems associated with it: Continuous adaptation, increasing complexity, continuing growth, and declining quality. This paper proposes that a reflective software engineering environment will address these problems by employing languages and techniques from the software
architecture community.
Creating a software system will involve manipulating a collection of views, including low-level code views and high-level architectural views which will be tied together using reflection. This coupling will allow the development environment to automatically identify inconsistencies between the views, and support software engineers in managing architectures during evolution.
This paper proposes a research programme which will result in a software engineering environment which addresses problems of software evolution and the maintenance of consistency between architectural views of a software system
Architecture for Provenance Systems
This document covers the logical and process architectures of provenance systems. The logical architecture identifies key roles and their interactions, whereas the process architecture discusses distribution and security. A fundamental aspect of our presentation is its technology-independent nature, which makes it reusable: the principles that are exposed in this document may be applied to different technologies
Classification of changes in API evolution
Applications typically communicate with each other, accessing and exposing data and features by using Application Programming Interfaces (APIs). Even though API consumers expect APIs to be steady and well established, APIs are prone to continuous changes, experiencing different evolutive phases through their lifecycle. These changes are of different types, caused by different needs and are affecting consumers in different ways. In this paper, we identify and classify the changes that often happen to APIs, and investigate how all these changes are reflected in the documentation, release notes, issue tracker and API usage logs. The analysis of each step of a change, from its implementation to the impact that it has on API consumers, will help us to have a bigger picture of API evolution. Thus, we review the current state of the art in API evolution and, as a result, we define a classification framework considering both the changes that may occur to APIs and the reasons behind them. In addition, we exemplify the framework using a software platform offering a Web API, called District Health Information System (DHIS2), used collaboratively by several departments of World Health Organization (WHO).Peer ReviewedPostprint (author's final draft
Using an Architecture Description Language to Model a Large- Scale Information System – An Industrial Experience Report
An organisation that had developed a large Information System wanted to embark on a programme of significant evolution for the system. As a precursor to this, it was decided to create a comprehensive architectural
description. T his undertaking faced a number of challenges, including a low general awareness of software modelling and software architecture practices . The approach taken for this
project included the definition of a simple, specific, architecture description language. This paper describes the experiences of the project and the ADL created as part of it
An Architecture for Provenance Systems
This document covers the logical and process architectures of provenance systems. The logical architecture identifies key roles and their interactions, whereas the process architecture discusses distribution and security. A fundamental aspect of our presentation is its technology-independent nature, which makes it reusable: the principles that are exposed in this document may be applied to different technologies
Towards a re-engineering method for web services architectures
Recent developments in Web technologies – in particular
through the Web services framework – have greatly enhanced the flexible and interoperable implementation of service-oriented software architectures. Many older Web-based and other distributed software systems will be re-engineered to a Web services-oriented platform. Using an advanced
e-learning system as our case study, we investigate central aspects of a re-engineering approach for the Web services platform. Since our aim is to provide components of the legacy system also as services in the new platform, re-engineering to suit the new development paradigm is as important as re-engineering to suit the new architectural requirements
- …