Abstract: As the Web continues to evolve, advances in Web technology forge many new applications that were not previously feasible, resulting in new usage paradigms in business, social interaction, governance, and education. The Handbook of Research on Web 2.0, 3.0, and X.0: Technologies, Business, and Social Applications is a comprehensive reference source on next-generation Web technologies and their applications. This in-depth two volume collection covers the latest aspects and applications of Web technologies including the introduction of virtual reality commerce systems, the importance of social bookmarking, cross-language data retrieval, image searching, cutting-edge Web security technologies, and innovative healthcare and finance applications on the Web. Examining the social, cultural, and ethical issues these applications present, this Handbook of Research discusses real-world examples and case studies valuable to academicians, researchers, and practitioners.

Abstract: Web 2.0 tools present a vast array of opportunities—for companies that know how to use them.

Abstract: The Handbook of Human Factors in Web Designcovers basic human factors issues relating to screen design, input devices, and information organization and processing, as well as addresses newer features which will become prominent in the next generation of Web technologies. These include multimodal interfaces, wireless capabilities, and agents that can improve convenience and usability. Written by leading researchers and/or practitioners in the field, this volume reflects the varied backgrounds and interests of individuals involved in all aspects of human factors and Web design and includes chapters on a full range of topics.Divided into 12 sections, this book addresses:*historical backgrounds and overviews of Human Factors and Ergonomics (HFE);*specific subfields of HFE;*issues involved in content preparation for the Web;*information search and interactive information agents;*designing for universal access and specific user populations;*the importance of incorporating usability evaluations in the design process;*task analysis, meaning analysis, and performance modeling;*specific Web applications in academic and industrial settings;*Web psychology and information security;*emerging technological developments and applications for the Web; and*the costs and benefits of incorporating human factors for the Web and the state of current guidelines.The Handbook of Human Factors in Web Designis intended for researchers and practitioners concerned with all aspects of Web design. It could also be used as a text for advanced courses in computer science, industrial engineering, and psychology.

Abstract: JavaScript is an interpreted programming language most often used for enhancing webpage interactivity and functionality. It has powerful capabilities to interact with webpage documents and browser windows, however, it has also opened the door for many browser-based security attacks. Insecure engineering practices of using JavaScript may not directly lead to security breaches, but they can create new attack vectors and greatly increase the risks of browser-based attacks. In this paper, we present the first measurement study on insecure practices of using JavaScript on the Web. Our focus is on the insecure practices of JavaScript inclusion and dynamic generation, and we examine their severity and nature on 6,805 unique websites. Our measurement results reveal that insecure JavaScript practices are common at various websites: (1) at least 66.4% of the measured websites manifest the insecure practices of including JavaScript files from external domains into the top-level documents of their webpages; (2) over 44.4% of the measured websites use the dangerous eval() function to dynamically generate and execute JavaScript code on their webpages; and (3) in JavaScript dynamic generation, using the document.write() method and the innerHTML property is much more popular than using the relatively secure technique of creating script elements via DOM methods. Our analysis indicates that safe alternatives to these insecure practices exist in common cases and ought to be adopted by website developers and administrators for reducing potential security risks.

Abstract: In order to make optimal educational use of social spaces offered by thousands of international communities in the second generation web applications termed Web 2 or Social Web, ICT competences as well as social skills are needed for both teachers and learners. The paper outlines differences in competence structures of Net Natives (who came of age in the 21st century) and the Net Generation of the 1980s and 1990s who evolve in response to changes between Web 1 and Web 2 technologies. Virtual educational environments in the age of the Social Web represent a perfect embodiment of the Constructionist paradigm: they offer shared discussion and work spaces instead of presentation tools, coaching utilities instead of help desks, and digital learning resource repositories instead of ready-made learning materials. LRE, the European Learning Resource Exchange, and several collaborative web based services and applications will be presented, to illustrate the interrelated change in educational software design and use. New teaching and learning aids require and at the same time inspire new educational theories. The trialogical learning paradigm that invites all educational stakeholders to work on shared objects of inquiry and development and thus develop epistemic agency will be offered as a foundation for a ‘social CALL’.

Abstract: Web services are often deployed with critical software bugs that can be maliciously exploited. Web vulnerability scanners are regarded as an easy way to test web applications against security vulnerabilities. However, previous research shows that the effectiveness of these tools in web services environments is very poor. In fact, the high number of false-positives and the low coverage observed in practice highlight the strong limitations of these tools. The goal of this paper is to demonstrate that it is possible to develop a vulnerability scanner for web services that performs much better than the commercial ones currently available. Thus, we propose an approach to detect SQL Injection vulnerabilities, one of the most common and most critical types of vulnerabilities in web environments. Experimental evaluation shows that our approach performs much better than well-known commercial tools, achieving very high detection coverage while maintaining the false positives rate quite low.

Abstract: The Internet has become one of the main drivers of e-health Whilst its impact and potential is being analysed, the Web 20 phenomenon has reached the health field and has emerged as a buzzword that people use to describe a wide range of online activities and applications The aims of this article are: to explore the opportunities and challenges of the Web 20 within the health care system and to identify the gap between the potential of these online activities and applications and the empirical data The analysis is based on: online surveys to physicians, nurses, pharmacist and patient support groups; static web shot analysis of 1240 web pages and exploration of the most popular Web 20 initiatives The empirical results contrast with the Web 20 trends identified Whereas the main characteristic of the Web 20 is the opportunity for social interaction, the health care system at large could currently be characterised by: a lack of interactive communication technologies available on the Internet; a lack of professional production of health care information on the Internet, and a lack of interaction between these professionals and patients on the Internet These results reveal a scenario away from 20 trends

Abstract: Nowadays, Web applications are almost omnipresent. The Web has become a platform not only for information delivery, but also for eCommerce systems, social networks, mobile services, and distributed learning environments. Engineering Web applications involves many intrinsic challenges due to their distributed nature, content orientation, and the requirement to make them available to a wide spectrum of users who are unknown in advance. The authors discuss these challenges in the context of well-established engineering processes, covering the whole product lifecycle from requirements engineering through design and implementation to deployment and maintenance. They stress the importance of models in Web application development, and they compare well-known Web-specific development processes like WebML, WSDM and OOHDM to traditional software development approaches like the waterfall model and the spiral model. Important problem areas inherent to the Web, like localization, personalization, accessibility, and usage analysis, are dealt with in detail, and a final chapter provides both a description of and an outlook on recent Semantic Web and Web 2.0 developments. Overall, their book delivers a comprehensive presentation of the state-of-the-art in Web application development and thus forms an ideal basis for academic or industrial courses in this or related areas. It is equally suitable for self-study by researchers or advanced professionals who require an overview on how to use up-to-date Web technologies.

Abstract: Context-awareness constitutes an essential aspect of services, especially when interaction with end-users is involved. In this paper a solution for the context-aware development of web applications consisting of web services is presented. The methodology proposes a model based approach and advocates in favour of a complete separation of the web application functionality from the context adaptation at all development phases (analysis, design, implementation). In essence, context adaptation takes place on top of and is transparent to the web application business functionality. Starting from UML diagrams of independent web services and respective UML context models, our approach can produce a functional composite context-aware application. At execution level this independence is maintained through an adaptation framework based on message interception.

Abstract: Ajax is an emerging Web engineering technology that supports advanced interaction features that go beyond Webpage navigation. The Ajax technology is based on asynchronous communication with the Web server and direct manipulation of the GUI, taking advantage of reflection.Correspondingly, new classes of Web faults are associated with Ajax applications.In previous work, we investigated a state-based testing approach, based on semantically interacting events. The main drawback of this approach is that exhaustive generation of semantically interacting event sequences limits quite severely the maximum achievable length, while longer sequences would have higher fault exposing capability. In this paper, we investigate a search-based algorithm for the exploration of the huge space of long interaction sequences, in order to select those that are most promising, based on a measure of test case diversity.

Abstract: As reuse and technology-independence are key issues of both software and web engineering, web services have gained momentum and are heavily used in modern web-based applications. However, they are only expedient for the business logic layer, while the Web lacks uniform models for the encapsulation and reuse of UI components. Thus, web UIs are usually hand-crafted and static, which complicates both development as well as maintenance and upgrade. We address these issues with a novel approach facilitating dynamic, service-oriented composition of user interfaces for web applications. UI parts therein are provided as reusable services and can therefore be selected, customized and exchanged dynamically with respect to a particular context

Abstract: Context-aware Web services are currently emerging as an important technology for building innovative context-aware applications. Unfortunately, context-aware Web services are still difficult to build. This paper describes ContextServ, a platform for rapid development of context-aware Web services. ContextServ adopts model-driven development where context-aware Web services are specified using ContextUML, a UML based modeling language. The platform also offers a set of automated tools for generating and deploying executable implementations of context-aware Web services. This paper presents the motivation, system design, implementation, and usage of ContextServ.

Abstract: Web accessibility for older users -- are we there yet? We understand many of the needs, however there are some gaps in our knowledge and much integration and adoption still required.The Web Accessibility Initiative: Ageing Education and Harmonisation (WAI-AGE) project analyzed the Web accessibility requirements of older Web users based on the research and investigation of many people examining this issue over recent years. The changing abilities of older users as they experience age-related functional impairments were also considered. We found that many of the requirements fall under usable accessibility rather than technical accessibility, and that the Web Content Accessibility Guidelines (WCAG) 2.0 are able to assist developers to meet most of them. These usability aspects include factors such as the presentation of Web content, the inexperience of many older users, and the information overload often experienced. There is also an identified need for more usable browsers which can accommodate the varying experience, skills and impairments of older people and others in accessing the Web.Why isn't the current knowledge being fully utilised? Our review found that one reason is that people often aren't aware of it; the WAI-AGE project is working towards addressing the issue of educating researchers, developers and users alike. And what about the gaps in our knowledge? We identified that additional research is required to address gaps in our understanding, especially around some of the cognitive issues of ageing and around the way in which older users navigate the Web and interact with Web applications.This paper discusses the successes and examines reasons why, with regard to Web accessibility for older people, we are not there yet. It describes some of the challenges facing us and the associated opportunities as we all contribute to the enhancement of Web accessibility for all users.

Abstract: Purpose. This article asserts that current approaches to enhance the accessibility of Web resources fail to provide a solid foundation for the development of a robust and future-proofed framework. ...

Abstract: Ever notice that-in spite of their pervasiveness-designing web applications is still challenging? While their benefits motivate their creation, there are no well-established guidelines for design. This often results in inconsistent behaviors and appearances, even among web applications created by the same company. Design patterns for web applications, similar in concept to those for web sites and software design, offer an effective solution. In Web Application Design Patterns, Pawan Vora documents design patterns for web applications by not only identifying design solutions for user interaction problems, but also by examining the rationale for their effectiveness, and by presenting how they should be applied. . Design interfaces faster, with a better rationale for the solutions you choose.. Learn from over more than100 patterns, with extensive annotation on use and extension.. Take a short-cut into understanding the industry with more than 500 full-color screenshots and a web site for help, discussion, and a collection of additional patterns.

Abstract: Significant research activities have recently been directed towards the Semantic Web as a potential future substitute of the current World Wide Web. Many experts predict that the next huge step forward in Web information technology will be achieved by adding semantics to Web data. An important role in research towards the Semantic Web is played by formalisms and technologies for handling uncertainty and/or vagueness. In this paper, I first provide some motivating examples for handling uncertainty and/or vagueness in the Semantic Web. I then give an overview of some own recent formalisms for handling uncertainty and/or vagueness in the Semantic Web.

Abstract: The massive popularity of the World Wide Web is turning the web browser from a document viewing tool into a general-purpose host platform for various types of services, including desktop- style web applications. Web applications require no installation or manual upgrades, and they can be deployed instantly worldwide.This instant worldwide deployment aspect is incredibly powerful, and will dramatically change the way people develop and use software, allowing worldwide application development and instant deployment without middlemen or distributors. In this paper we present our vision for the future of web applications. A key observation in the paper is that web applications do not have to live by the same constraints that characterized the evolution of conventional desktop applications.The ability to instantly publish software worldwide, and the ability to dynamically combine code and content available from countless web sites and developers all over the planet will open up entirely new possibilities for software development. We believe that this will lead to a new software development approach that can be referred to as mashware, or software as a mashup. In this paper we provide an introduction to mashware, analyze the emerging mashup development technologies, as well as discuss the technical challenges and obstacles that still remain.

Abstract: Web 2.0 represents a major shift in how individuals communicate and collaborate with others. While many of these technologies have been used for public, social interactions (e.g., Wikipedia and YouTube), organizations are just beginning to explore their use in day-to-day operations. Due to relatively recent introduction and public popularity, Web 2.0 has led to a resurgent focus on how organizations can once again leverage technology within the organization for virtual and mass collaboration. In this paper, we explore some of the key questions facing organizations with regard to Web 2.0 implementation and adoption. We develop a model of "Web 2.0 Proclivity", defined as an individual's propensity to use Web 2.0 tools within the organization. Our model and set of associated hypotheses focuses on understanding an employee's internal Web 2.0 content behaviors based on non-work, personal use behaviors. To test our model and hypotheses, survey-based data was collected from a global engine design and manufacturing company. Our results show that Web 2.0 Proclivity is positively influenced by an employee's external behaviors and that differences exist across both functional departments and employee work roles. We discuss the research implications of our findings as well as how our findings and model of Web 2.0 Proclivity can be used to help guide organizational practice.

Abstract: Sometimes it looks like development for Web 2.0 is completely detached from the "traditional" world of web engineering. It is true that Web 2.0 introduced new and powerful instruments such as tags, micro formats, RESTful services, and light-weight programming models, which ease web development. However, it is also true that they didn't really substitute conventional practices such as component-based development and conceptual modeling. Traditional web engineering is still needed, especially when it comes to developing components for mashups, i.e., components such as web services or UI components that are meant to be combined, possibly by web users who are not skilled programmers. We argue that mashup components do not substantially differ from common web applications and that, hence, they might benefit from traditional web engineering methods and instruments. As a bridge toward Web 2.0, in this paper we show how, thanks to the adoption of suitable models and abstractions, generic web applications can comfortably be turned into mashup components.

Abstract: Rich Internet Applications (RIAs) are highly interactive web applications that resemble desktop applications. Modeling RIAs hence requires techniques for web modeling enriched by model elements for powerful user interactions and client-server communications. Many existing approaches provide the required modeling features, but they are still failing short in designer-friendliness and effectiveness. We present a pattern approach for the model-based engineering of RIAs that (1) reduces design efforts maintaining expressiveness of the models, and (2) contributes to model-driven development of RIAs. Our RIA patterns can be easily embedded in existing web modeling methods, which is illustrated with the UML-based Web Engineering.

Abstract: Special Issue

Abstract: The new generation of web-based communities, Web. 2.0, represents an innovation in terms of users interaction as it becomes increasingly dependent of it. It empowers users to create and manage content, placing them at the core of its success. This paper will propose a Web 2.0 Critical Success Factors (CSFs) theoretical framework. With the widespread popularity of these applications it becomes important to analyze the source of their success and unveil why some are more successful than others. More importantly, it may help Web 2.0 start-ups to understand what features they need to develop to make their applications succeed in an already very populated network.

Abstract: The hypertext visionaries foresaw the potential of richly interlinked global information systems for advancing human knowledge. The Web provided the infrastructure to enable those ideas to become a reality, and it quickly became a platform for collaborative research and data sharing. As the Web has evolved, new ways of using it for eResearch have emerged, such as the social networking facilities enabled by Web 2.0 technologies. The next generation of the Web-the so-called Semantic Web-is now on the horizon, which will again enable new types of collaborative research to emerge. If we are to understand and anticipate these new modes of collaboration, we need a discipline that studies the Web as a whole. Web science is this discipline.

Abstract: Although Web services are intended for short term, ad hoc collaborations, in practice many Web service compositions are offered longterm to customers. While the Web services making up the composition may vary, the structure of the composition is rather fixed. For companies managing such Web service compositions, however, challenges arise which go far beyond simple bilateral contract monitoring. It is not only important to determine whether or not a component(i.e., Web service) in a composition is performing properly, but also to understand what the impact of its performance is on the overall service composition. In this paper we show which challenges emerge and we provide an approach on determining the impact each Web service has on the composition at runtime.

Abstract: Although Web services are intended for short term, ad hoc collaborations, in practice many Web service compositions are offered longterm to customers. While the Web services making up the composition may vary, the structure of the composition is rather fixed. For companies managing such Web service compositions, however, challenges arise which go far beyond simple bilateral contract monitoring. It is not only important to determine whether or not a component (i.e., Web service) in a composition is performing properly, but also to understand what the impact of its performance is on the overall service composition. In this paper we show which challenges emerge and we provide an approach on determining the impact each Web service has on the composition at runtime.

Abstract: Web designers usually ignore how to model real user expectations and goals, mainly due to the large and heterogeneous audience of the Web. This fact leads to websites which are difficult to comprehend by visitors and complex to maintain by designers. In order to ameliorate this scenario, an approach for using the i* modeling framework in Web engineering has been developed in this paper. Furthermore, we also present a traceability approach for obtaining different kind of design artifacts tailored to a specific Web modeling method. Finally, we include a sample of our approach in order to show its applicability and we describe a prototype tool as a proof of concept of our research.

Abstract: In the last years there has been a growing interest in agile methods and their integration into the so called "unified" approaches. In the field of Web Engineering, agile approaches such as test-driven development are appealing because of the very nature of Web applications, while model-driven approaches provide a less error-prone code derivation; however the integration of both approaches is not easy. In this paper, we present a method-independent approach to combine the agile, iterative and incremental style of test-driven development with the more formal, transformation-based model-driven Web engineering approaches. We focus not only in the development process but also in the evolution of the application, and show how tests can be transformed together with model refactoring. As a proof of concept we show an illustrative example using WebRatio, the WebML design tool.

Abstract: In today's age of Web applications connected via Web services, accountability has become both crucial and harder to achieve. The management of authentication, authorization, and accountability in these applications is therefore a very important and difficult problem to solve. In this article, we describe how audit logging can be built into the Web services infrastructure.