Emerging from the MIST: A Connector Tool for Supporting Programming by Non-programmers

Software development is an iterative process. As user re-quirements emerge software applications must be extended to support the new requirements. Typically, a programmer will add new code to an existing code base of an application to provide a new functionality. Previous research has shown that such extensions are easier when application logic is clearly separated from the user interface logic. Assuming that a programmer is already familiar with the existing code base, the task of writing the new code can be considered to be split into two sub-tasks: writing code for the application logic; that is, the actual functionality of the application; and writing code for the user interface that will expose the functionality to the end user. The goal of this research is to reduce the effort required to create a user interface once the application logic has been created, toward supporting scientists with minimal pro-gramming knowledge to be able to create and modify pro-grams. Using a Model View Controller based architecture, various model components which contain the application logic can be built and extended. The process of creating and extending the views (user interfaces) on these model components is simplified through the use of our Malleable Interactive Software Toolkit (MIST), a tool set an infrastructure intended to simplify the design and extension of dynamically reconfigurable interfaces. This paper focuses on one tool in the MIST suite, a connec-tor tool that enables the programmer to evolve the user interface as the application logic evolves by connecting related pieces of code together; either through simple drag-and-drop interactions or through the authoring of Python code. The connector tool exemplifies the types of tools in the MIST suite, which we expect will encourage collabora-tive development of applications by allowing users to inte-grate various components and minimizing the cost of de-veloping new user interfaces for the combined compo-nents

Proposing a secure component-based-application logic and system’s integration testing approach

Software engineering moved from traditional methods of software enterprise applications to com-ponent based development for distributed system’s applications. This new era has grown up forlast few years, with component-based methods, for design and rapid development of systems, butfact is that , deployment of all secure software features of technology into practical e-commercedistributed systems are higher rated target for intruders. Although most of research has been con-ducted on web application services that use a large share of the present software, but on the otherside Component Based Software in the middle tier ,which rapidly develops application logic, alsoopen security breaching opportunities .This research paper focus on a burning issue for researchersand scientists ,a weakest link in component based distributed system, logical attacks, that cannotbe detected with any intrusion detection system within the middle tier e-commerce distributed ap-plications. We proposed An Approach of Secure Designing application logic for distributed system,while dealing with logically vulnerability issue

A Conceptual Framework for Adapation

This paper presents a white-box conceptual framework for adaptation that promotes a neat separation of the adaptation logic from the application logic through a clear identification of control data and their role in the adaptation logic. The framework provides an original perspective from which we survey archetypal approaches to (self-)adaptation ranging from programming languages and paradigms, to computational models, to engineering solutions

RAFDA: A Policy-Aware Middleware Supporting the Flexible Separation of Application Logic from Distribution

Middleware technologies often limit the way in which object classes may be used in distributed applications due to the fixed distribution policies that they impose. These policies permeate applications developed using existing middleware systems and force an unnatural encoding of application level semantics. For example, the application programmer has no direct control over inter-address-space parameter passing semantics. Semantics are fixed by the distribution topology of the application, which is dictated early in the design cycle. This creates applications that are brittle with respect to changes in distribution. This paper explores technology that provides control over the extent to which inter-address-space communication is exposed to programmers, in order to aid the creation, maintenance and evolution of distributed applications. The described system permits arbitrary objects in an application to be dynamically exposed for remote access, allowing applications to be written without concern for distribution. Programmers can conceal or expose the distributed nature of applications as required, permitting object placement and distribution boundaries to be decided late in the design cycle and even dynamically. Inter-address-space parameter passing semantics may also be decided independently of object implementation and at varying times in the design cycle, again possibly as late as run-time. Furthermore, transmission policy may be defined on a per-class, per-method or per-parameter basis, maximizing plasticity. This flexibility is of utility in the development of new distributed applications, and the creation of management and monitoring infrastructures for existing applications.Comment: Submitted to EuroSys 200

A Conceptual Framework for Adapation

This paper presents a white-box conceptual framework for adaptation that promotes a neat separation of the adaptation logic from the application logic through a clear identification of control data and their role in the adaptation logic. The framework provides an original perspective from which we survey archetypal approaches to (self-)adaptation ranging from programming languages and paradigms, to computational models, to engineering solutions

An Integrated Mobile Application for Enhancing Management of Nutrition Information in Arusha Tanzania

Based on the fact that management of nutrition information is still a problem in many developing countries including Tanzania and nutrition information is only verbally provided without emphasis, this study proposes mobile application for enhancing management of nutrition information. The paper discusses the implementation of an integrated mobile application for enhancing management of nutrition information based on literature review and interviews, which were conducted in Arusha region for the collection of key information and details required for designing the mobile application. In this application, PHP technique has been used to build the application logic and MySQL technology for developing the back-end database. Using XML and Java, we have built an application interface that provides easy interactive view

A Course Module On Application Logic Flaws

Software security is extremely important, and even thoroughly tested code may still have exploitable vulnerabilities. Some of these vulnerabilities are caused by logic flaws. Due to the nature of application or business logic, few automated tools can test for these types of security issues. Therefore, it is important for students to learn how to reduce the number of logic flaws when developing software, and how to test for them manually. A course module with a case study was created to teach students about this topic. Case-based teaching methods are used because it allows students to better apply learned skills to real world industrial settings, and there is a lack of case studies available for current software engineering curriculum. The course module includes an introduction, a quiz on the reading, an animated PowerPoint about the case, and a set of discussion questions. The introduction covers what logic flaws are, reducing logic flaws during software development, and how to test for them manually. The case is about eCommerce merchant software Bigcommerce using PayPal Express to collect payment. A flaw lets attackers complete an expensive order using the payment intended for a cheaper order. An animation was created to trace the HTTP interactions and back-end code representing the steps of the exploit from this case, and explain the manual testing method used to discover the exploit. A set of discussion questions has students apply this method to similar code, to find potential vulnerabilities and then fix them. This course module was taught in COMP 727 Secure Software Engineering at North Carolina A&T State University in the Spring 2015 semester. A pre-survey and post-survey on the learning objectives shows students felt they improved their knowledge and skills relating to application logic flaws. A quiz based on the reading shows students understood the material. The quality of student discussions was very high. Discussion question results were graded using a rubric, and three-quarters of the class received an 85% grade or higher. Overall, this case study was effective at teaching students about application logic flaws. It will be made available to other universities, and can be easily integrated into existing curriculum

Seven strategies for tolerating highly defective fabrication

In this article we present an architecture that supports fine-grained sparing and resource matching. The base logic structure is a set of interconnected PLAs. The PLAs and their interconnections consist of large arrays of interchangeable nanowires, which serve as programmable product and sum terms and as programmable interconnect links. Each nanowire can have several defective programmable junctions. We can test nanowires for functionality and use only the subset that provides appropriate conductivity and electrical characteristics. We then perform a matching between nanowire junction programmability and application logic needs to use almost all the nanowires even though most of them have defective junctions. We employ seven high-level strategies to achieve this level of defect tolerance