Showing papers on "Web engineering published in 2016"
TL;DR: The research will assist anyone in the data and information management industry to identify opportunities and mitigate risk, and will assist data managers to identify future opportunities while considering negative impacts and understanding the underlying technologies associated with the structure and storage of electronic information.
Abstract: The purpose of this study is to define Web 3.0 and discuss the underlying technologies, identify new opportunities and highlight potential challenges that are associated with the evolution to Web 3.0 technologies.,A non-empirical study reviewing papers published in accredited research journals, articles and whitepapers and websites was conducted. To add scientific rigour to a literature review, a four-stage approach, as suggested by Sylvester et al. (2011), was used.,The World Wide Web (henceforth referred to as the Web) is recognised as the fastest growing publication medium of all time. To stay competitive, it is crucial to stay up to date with technological trends. The Web matures in its own unique way. From the static informative characteristics of Web 1.0, it progressed into the interactive experience Web 2.0 provides. The next phase of Web evolution, Web 3.0, is already in progress. Web 3.0 entails an integrated Web experience where the machine will be able to understand and catalogue data in a manner similar to humans. This will facilitate a world wide data warehouse where any format of data can be shared and understood by any device over any network. The evolution of the Web will bring forth new opportunities and challenges. Opportunities identified can mainly be characterised as the autonomous integration of data and services which increase the pre-existing capabilities of Web services, as well as the creation of new functionalities. The challenges mainly concern unauthorised access and manipulation of data, autonomous initiation of actions and the development of harmful scripts and languages.,The findings will assist data managers to identify future opportunities while considering negative impacts and understanding the underlying technologies associated with the structure and storage of electronic information. The research will assist anyone in the data and information management industry to identify opportunities and mitigate risk.,Many organisations were caught off guard by the evolution of the Web to Web 2.0. Organisations, and in particular anyone in the data and information management industry, need to be ready and acquire knowledge about the opportunities and challenges arising from Web 3.0 technologies.
145 citations
6 Jun 2016
TL;DR: Analysis of more than 78 GB of HTTP traffic collected by Italy’s biggest Mobile Internet provider over one full day provides insight into the compliance of state-of-the-art APIs with theoretical Web engineering principles and guidelines, knowledge that affects how applications should be developed to be scalable and robust.
Abstract: Quickly and dominantly, REST APIs have spread over the Web and percolated into modern software development practice, especially in the Mobile Internet where they conveniently enable offloading data and computations onto cloud services. We analyze more than 78 GB of HTTP traffic collected by Italy’s biggest Mobile Internet provider over one full day and study how big the trend is in practice, how it changed the traffic that is generated by applications, and how REST APIs are implemented in practice. The analysis provides insight into the compliance of state-of-the-art APIs with theoretical Web engineering principles and guidelines, knowledge that affects how applications should be developed to be scalable and robust. The perspective is that of the Mobile Internet.
110 citations
TL;DR: This paper proposes a framework which supports developers in modeling smart things as web resources, exposing them through RESTful Application Programming Interfaces (APIs) and developing applications on top of them and discusses the framework compliance with REST guidelines and its major implementation choices.
Abstract: The Web of Things is an active research field which aims at promoting the easy access and handling of smart things' digital representations through the adoption of Web standards and technologies. While huge research and development efforts have been spent on lower level networks and software technologies, it has been recognized that little experience exists instead in modeling and building applications for the Web of Things. Although several works have proposed Representational State Transfer (REST) inspired approaches for the Web of Things, a main limitation is that poor support is provided to web developers for speeding up the development of Web of Things applications while taking full advantage of REST benefits. In this paper, we propose a framework which supports developers in modeling smart things as web resources, exposing them through RESTful Application Programming Interfaces (APIs) and developing applications on top of them. The framework consists of a Web Resource information model, a middleware, and tools for developing and publishing smart things' digital representations on the Web. We discuss the framework compliance with REST guidelines and its major implementation choices. Finally, we report on our test activities carried out within the SmartSantander European Project to evaluate the use and proficiency of our framework in a smart city scenario.
108 citations
TL;DR: Results of this study imply that educators typically have a narrow conception of Web 2.0 technologies and there is a wide array of Web2.0 tools and approaches yet to be fully harnessed by learning designers and educational researchers.
Abstract: This paper presents the methods and outcomes of a typological analysis of Web 2.0 technologies. A comprehensive review incorporating over 2000 links led to identification of over 200 Web 2.0 technologies that were suitable for learning and teaching purposes. The typological analysis involved development of relevant Web 2.0 dimensions, grouping cases according to observed regularities and construction of types based on meaningful relationships. Characterisation of the constructed types incorporated descriptions based on attributes, examples of representative instances and typical pedagogical use cases. The analysis resulted in a typology of 37 types of Web 2.0 technologies that were arranged into 14 clusters. Results of this study imply that educators typically have a narrow conception of Web 2.0 technologies and there is a wide array of Web 2.0 tools and approaches yet to be fully harnessed by learning designers and educational researchers. [ABSTRACT FROM AUTHOR]
101 citations
TL;DR: This paper surveys the web application protection techniques, aiming to systematise the existing approaches into a holistic big picture, and highlights the issues specific to web applications.
88 citations
TL;DR: This chapter provides a comprehensive overview of the automated end-to-end web testing approaches and summarizes the findings of a long term research project aimed at empirically investigating their strengths and weaknesses.
Abstract: The importance of test automation in web engineering comes from the widespread use of web applications and the associated demand for code quality. Test automation is considered crucial for delivering the quality levels expected by users, since it can save a lot of time in testing and it helps developers to release web applications with fewer defects. The main advantage of test automation comes from fast, unattended execution of a set of tests after some changes have been made to a web application. Moreover, modern web applications adopt a multitier architecture where the implementation is scattered across different layers and run on different machines. For this reason, end-to-end testing techniques are required to test the overall behavior of web applications.
In the last years, several approaches have been proposed for automated end-to-end web testing and the choice among them depends on a number of factors, including the tools used for web testing and the costs associated with their adoption. They can be classified using two main criteria: the first concerns how test cases are developed (ie, Capture-Replay and Programmable approaches), while, the second concerns how test cases localize the web elements to interact with (ie, Coordinates-based, DOM-based, and Visual approaches), that is what kind of locators are used for selecting the target GUI components.
For developers and project managers it is not easy to select the most suitable automated end-to-end web testing approach for their needs among the existing ones. This chapter provides a comprehensive overview of the automated end-to-end web testing approaches and summarizes the findings of a long term research project aimed at empirically investigating their strengths and weaknesses.
85 citations
TL;DR: It is concluded that although the definition of an Agile approach to meet the different CMMI maturity levels goals could be possible for an organization developing Web systems, there is still a lack of detailed studies and analysis on the field.
Abstract: We have analyzed the relation among Web Engineering, Agile and CMMI.We performed this analysis by means of a Systematic Literature Review.We have identified the relevant studies linked to the problem under analysis.We have defined a characterization schema in order to compare the studies.We have extracted relevant conclusions for the different dimensions of the problem.We have identified further lines of research. ContextAgile approaches are an alternative for organizations developing software, particularly for those who develop Web applications. Besides, CMMI (Capability Maturity Model Integration) models are well-established approaches focused on assessing the maturity of an organization that develops software. Web Engineering is the field of Software Engineering responsible for analyzing and studying the specific characteristics of the Web. The suitability of an Agile approach to help organizations reach a certain CMMI maturity level in Web environments will be very interesting, as they will be able to keep the ability to quickly react and adapt to changes as long as their development processes get mature. ObjectiveThis paper responds to whether it is feasible or not, for an organization developing Web systems, to achieve a certain maturity level of the CMMI-DEV model using Agile methods. MethodThe proposal is analyzed by means of a systematic literature review of the relevant approaches in the field, defining a characterization schema in order to compare them to introduce the current state-of-the-art. ResultsThe results achieved after the systematic literature review are presented, analyzed and compared against the defined schema, extracting relevant conclusions for the different dimensions of the problem: compatibility, compliance, experience, maturity and Web. ConclusionIt is concluded that although the definition of an Agile approach to meet the different CMMI maturity levels goals could be possible for an organization developing Web systems, there is still a lack of detailed studies and analysis on the field.
54 citations
4 Apr 2016
TL;DR: An approach to generate Web APIs out of models, thus paving the way for managing models and collaborating on them online and relying on well-known libraries and standards, thus facilitating its comprehension and maintainability.
Abstract: In the last years, there has been an increasing interest for Model-Driven Engineering (MDE) solutions in the Web. Web-based modeling solutions can leverage on better support for distributed management (i.e., the Cloud) and collaboration. However, current modeling environments and frameworks are usually restricted to desktop-based scenarios and therefore their capabilities to move to the Web are still very limited. In this paper we present an approach to generate Web APIs out of models, thus paving the way for managing models and collaborating on them online. The approach, called EMF-REST, takes Eclipse Modeling Framework (EMF) data models as input and generates Web APIs following the REST principles and relying on well-known libraries and standards, thus facilitating its comprehension and maintainability. Also, EMF-REST integrates model and Web-specific features to provide model validation and security capabilities, respectively, to the generated API.
51 citations
Proceedings Article•
18 May 2016
TL;DR: This paper presents Hyphe, a crawler developed with and for social scientists, with an innovative “curation-oriented” approach that exposes the problems of using web-mining techniques in social science research and how to overcome those by specific features such as step-by-step corpus building and a memory structure allowing researchers to redefine dynamically the granularity of their “web entities”.
Abstract: The web is a field of investigation for social sciences, and platform-based studies have long proven their relevance. However the generic web is rarely studied in itself though it contains crucial aspects of the embodiment of social actors: personal blogs, institutional websites, hobby-specific media… We realized that some sociologists see existing web crawlers as “black boxes” unsuitable for research though they are willing to study the broad web. In this paper we present Hyphe, a crawler developed with and for social scientists, with an innovative “curation-oriented” approach. We expose the problems of using web-mining techniques in social science research and how to overcome those by specific features such as step-by-step corpus building and a memory structure allowing researchers to redefine dynamically the granularity of their “web entities”.
40 citations
TL;DR: The project YouthMap 5020, whose main goal it was to create a prototype youth-centric web map for the Austrian city of Salzburg (zip code 5020), addressed the approach of participatory design, about 120 teenage pupils from several local schools were involved in all kinds of tasks related to the phases of generating the youth-focused Salzberg web city map.
Abstract: In recent years, the concepts of usability, user experience, and user-centricity have gained in interest. Digital applications, developed in line with criteria related to these approaches, ask for a deeper understanding of users and their requirements. But, even though there is a wide range of methods available, the creation of user-centric applications with good usability and user experience still poses great challenges for developers. This is also true for web maps, i.e. web map applications, which today are ubiquitous on the Internet. They have evolved into an important information and communication tool and address users who do not possess any specific knowledge of Geoinformatics (GI) or Cartography. Despite the efforts made to meet the requirements and preferences of laymen, these users still often face problems when dealing with web map applications. This refers to aspects of design, content, and functionality. Here, participatory design, which is well-known in the field of Software and Web Engineer...
31 citations
TL;DR: A unified extensible context-based model of web applications is proposed and a concept of context is introduced and different attacks are reformulated in terms of context boundary violation to implement a more universal web application protection suitable against different types of attacks.
1 Aug 2016
TL;DR: This paper looks into few issues of designing web applications and recommends design criteria to create efficient web applications.
Abstract: Web applications differ from web sites as they have wide range of interactive features/functionalities and dynamic content. The content delivered via thin client or server driven architecture vary in size, structure and visual design. To accommodate such rich content care should be taken when designing user interface. Various methodologies exist to deliver the content to the users in an efficient manner. Due to the versatility and diversity of the information to be delivered via web applications, the focus shifts on to user satisfaction. Hence a user experience design aimed at user satisfaction becomes the main focus for such applications. This paper looks into few issues of designing web applications and recommends design criteria to create efficient web applications.
TL;DR: The methodology for MDWE is detailed, which is supported by automated design techniques strictly associated with use case patterns of type CRUD, which relies on iterations that are possible for execution with short time-scales.
1 Dec 2016
TL;DR: The harmful web application vulnerability attack, Local File In inclusion (LFI) based on Remote File Inclusion (RFI) as well as Structured Query Language Injection (SQLi) and their impact on the applications of Bangladesh are explored.
Abstract: People nowadays cannot think of even a single moment without the internet. Doubtlessly, web applications are currently the key to all change in the world. The features and facilities of web applications make our lives easier and also demonstrate different channels of communication and exchange of data. The number of internet user is increasing day by day in Bangladesh. Web applications are not only encouraging internet users to easily receive diversified services, but also creating new opportunities in every business sector. With the help of web applications, businesses can easily enhance the quality of their services to consumers with minimal effort. However, at the same time, many threats have arisen as a result of the misuse of this technology. Cyber attacks could emerge as a major threat to the digital transformation of Bangladesh, given the vulnerability in web applications caused by careless coding during the development of such applications. During our review, we observed that the existence of Local File Inclusion (LFI) vulnerability in the web applications of Bangladesh was very critical. This paper explores in detail the harmful web application vulnerability attack, Local File Inclusion (LFI) based on Remote File Inclusion (RFI) as well as Structured Query Language Injection (SQLi), and their impact on the applications of Bangladesh.
11 Apr 2016
TL;DR: This demonstration introduces Liquid.js, a framework whose goal is to enable Web developers to take advantage of multiple heterogeneous devices and offer to their users a liquid user experience, whereby any device can be used sequentially or concurrently with Web applications that can effortlessly roam from one device to another.
Abstract: We are heading toward an era in which users own more than one single Web-enabled device. These devices range from smart phones, tablets and personal computers to smart Web-enabled devices found in houses and cars. The access mechanisms and usage patterns of Web applications are changing accordingly, as users interact more and more with Web applications through all their devices, even if the majority of Web applications are not ready to offer a good user experience taking full advantage of multiple devices. In this demonstration we introduce Liquid.js, a framework whose goal is to enable Web developers to take advantage of multiple heterogeneous devices and offer to their users a liquid user experience, whereby any device can be used sequentially or concurrently with Web applications that can effortlessly roam from one device to another. This way, as highlighted in the demonstration users do not need to stop and resume their work on their Web application as they migrate and clone them across different devices. The demo will also show how developers can easily add such liquid behavior to any Polymer Web component.
1 Jan 2016
TL;DR: A general view on web usage mining and its importance for designers and those interested in e-commerce and website personalization is provided.
Abstract: Web mining is an exciting discipline in the domain of data mining as well as in classification/clustering. Identifying the usage patterns of users is very important in utilizing the vast information available in the World Wide Web. Web usage mining entails identifying usage pattern and has many practical applications. It focuses on techniques that have the potential to predict user behaviour while the user interacts with the Web. The aim of this paper is to provide a general view on web usage mining and its importance for designers and those interested in e-commerce and website personalization. The paper explains in detail the process of web usage mining and the different techniques used for pattern discovery. Also, it illustrates the different applications and tools used for web usage mining. Finally, it explains some current issues and challenges such as privacy and scalability, which are important issues in web usage mining..
26 Sep 2016
TL;DR: This work proposes addressing the web's existing connection-based and server- based security models with a new approach: content-based security, where content is directly signed and encrypted at rest, enabling it to be delivered via any path and then validated by the browser.
Abstract: The World Wide Web has become the most common platform for building applications and delivering content. Yet despite years of research, the web continues to face severe security challenges related to data integrity and confidentiality. Rather than continuing the exploit-and-patch cycle, we propose addressing these challenges at an architectural level, by supplementing the web's existing connection-based and server-based security models with a new approach: content-based security. With this approach, content is directly signed and encrypted at rest, enabling it to be delivered via any path and then validated by the browser. We explore how this new architectural approach can be applied to the web and analyze its security benefits. We then discuss a broad research agenda to realize this vision and the challenges that must be overcome.
11 Apr 2016
TL;DR: Solid is introduced, a set of protocols based on existing W3C recommendations, for reading, writing and access control of the contents of a personal data store, which can be layered up in order to integrate various social features into new or existing web applications.
Abstract: Recent advancements in technologies and protocols mean that it is easier than ever to integrate social features into diverse web applications, and increased awareness of privacy concerns means that it is pertinent to consider empowerment of application users when doing so. Many developers are already familiar with the notion of personal data stores; this tutorial will demonstrate how to access or provide such stores for users, and build simple web applications which read and write to the storage whilst remaining completely decoupled from it. This advantages developers in two ways: by removing the burden of storing and maintaining a canonical copy of user data; and by enabling access to and ease of integration with data created through other applications, creating richer, seamless experiences. From the application users' perspective, they need no longer commit and become bound to particular services, but can mix, match and move between those that best meet their needs. We will introduce Solid, a set of protocols based on existing W3C recommendations, for reading, writing and access control of the contents of a personal data store, which can be layered up in order to integrate various social features into new or existing web applications. Attendees will leave with an understanding of Solid and how different parts of the protocols can work together, and having written some code to implement the parts that interest them most. They will also have hands on experience with existing libraries and tooling to facilitate working with the Solid protocols. Those who stay for the full day will have an opportunity to build a small but complete web application with decentralized social features, and to collaborate with others to see the advantages of sharing data between multiple applications.
TL;DR: How declarative languages can simplify Web Application development and empower end-users as Web developers is discussed and a unified XForms-based framework that supports both client-side and server-side Web application development is introduced.
Abstract: Web Applications have become an omnipresent part of our daily lives. They are easy to use, but hard to develop. WYSIWYG editors, form builders, mashup editors, and markup authoring tools ease the development of Web Applications. However, more advanced Web Applications require servers-side programming, which is beyond the skills of end-user developers. In this paper, we discuss how declarative languages can simplify Web Application development and empower end-users as Web developers. We first identify nine end-user Web Application development levels ranging from simple visual customization to advanced three-tier programming. Then, we propose expanding the presentation tier to support all aspects of Web Application development. We introduce a unified XForms-based framework--called XFormsDB--that supports both client-side and server-side Web Application development. Furthermore, we make a language extension proposal--called XFormsRTC--for adding true real-time communication capabilities to XForms. We also present XFormsDB Integrated Development Environment (XIDE), which assists end-users in authoring highly interactive data-driven Web Applications. XIDE supports all Web Application development levels and, especially, promotes the transition from markup authoring and snippet programming to single and unified language programming.
1 Mar 2016
TL;DR: This paper aims to understand the wide range of attacks as well as the complex security situation and attack surface of Web 2.0 applications, and study the open research challenges in this field to assess how best to approach these issues.
Abstract: Everyone loves Web 2.0 applications. They are easy to use and fast, and can be accessed from any computer or smartphone without installation. They let us easily communicate and share data with one another, shop simply, and access vast amounts of information. However, they're also frequently mentioned in connection with novel exploits, data leaks, or identity theft. Active content, tight integration, and the overall complexity of the continuously evolving Web 2.0 technology create new risks that we can hardly grasp. Turning back on the technology is not a solution because we would lose many features that we've come to rely on. But how can we achieve both a pleasant user experience and security in a place as messy as the Web 2.0 landscape? First, we can look to understand the wide range of attacks as well as the complex security situation and attack surface of Web 2.0 applications. Second, we can study the open research challenges in this field and assess how best to approach these issues.
1 Sep 2016
TL;DR: A universal secure paradigm is presented which the web developers can apply in the development process to enhance the security features of web applications.
Abstract: Security protection is usually thought to be a separate process in web application development phases but the external security protection mechanisms are not effective to control threats and vulnerabilities in web applications. As a consequence, researchers have realized security development should be an integral part of System Development Lifecycle of web applications. This article presents a universal secure paradigm which the web developers can apply in the development process to enhance the security features of web applications. The proposed paradigm is an extension to security development practices with agile methodology. It consists of three phases, i.e., inception, construction and transition. Inception can be mapped to analysis stage of traditional development life cycle process and transition refers to security assurance stage before deployment whereas construction phase is iterative process of security development.
TL;DR: A way to set up a distributed manufacturing control system by using common web technologies like RWD and embedded systems is presented and the functionality of the method is proven within an application example.
1 Dec 2016
TL;DR: The approach goes further in the creation of services by generating executable orchestrations, as BPEL processes, starting from navigations in the Web interfaces of these applications and by providing BPMN choreography specifications starting from the collaborations between the generated Web services.
Abstract: Web applications are nowadays prevalent software systems in our everyday's life. A lot of these applications have been developed for end users only. Thus, they are not designed by considering future extensions that would be developed by third parties. One possible and interesting solution for opening these applications for such kind of extension development is to create and deploy Web services starting from these applications. In this paper, we present a method and a tool for semiautomatically creating Web service implementations from applications having Web interfaces. The proposed method generates operations that are published in Web services for each functionality provided by a Web application. In addition, it generates new operations starting from Web interfaces. Our approach goes further in the creation of services by generating executable orchestrations, as BPEL processes, starting from navigations in the Web interfaces of these applications and by providing BPMN choreography specifications starting from the collaborations between the generated Web services. We implemented and experimented our solution in the migration of three real-world Web applications toward Web service-oriented systems.
20 Jun 2016
TL;DR: This work proposes a system for analysing the usage of web-based cross-device applications, based on practices from the web, and discusses how it was used to observe the introduction of a cross- Device feature in an existing application with a substantial user base.
Abstract: Applications that adapt to and make use of the set of available devices have received a lot of attention lately. Even so, it remains unclear how such cross-device applications are used outside of controlled environments like lab studies where users are instructed on usage. Insights into the usage of an application could help measure business goals and improve the application, as is common for web-based applications. Building on practices from the web, we propose a system for analysing the usage of web-based cross-device applications. We introduce metrics and use cases of interest in cross-device scenarios and explain how we support these in our implementation, XD-Analytics. Finally, we discuss how we used XD-Analytics to observe the introduction of a cross-device feature in an existing application with a substantial user base.
11 Apr 2016
TL;DR: The observlets are aimed to enhance end-users' awareness and engagement on web observatory and support programmers for innovating various data analytic applications.
Abstract: The Web observatory is proposed as a global catalogue for sharing data-sets and analytic applications to support researchers from a variety of disciplines for analysing huge amount of research data for Web Science research. However, often these users fail to understand various transformations and consequences of complex data processing involved in a data analytic application. Therefore, there is a need to enable these users develop and re-use analytic applications on web observatory. In this study, we propose formal design patterns called "Observlets" for analytic applications to "observe" various web phenomena. The observlets provide abstract definitions for intermediate analysis required for a data analytic application. The users can share observlets across distributed web observatory nodes. The observlets are aimed to enhance end-users' awareness and engagement on web observatory and support programmers for innovating various data analytic applications.
TL;DR: The state of the art for agri-food products in relation to the evolution from e-commerce to social commerce will be analysed, through a specific survey, consisting of two complementary phases, related both to online businesses and to the web consumers.
Abstract: In the ICTs sector, innovations follow each other swiftly, as it is a very dynamic market, where Web 3.0 represents the latest phenomenon, after Web 2.0 and the social networks that had revolutionised the global world of information. The web has become a web ecosystem in which users create value by sharing and creating experiences in the web. However, despite the fact that there are interesting potentials for growth, Italian agri-food and agricultural enterprises have still not bridged the digital divide. The aim of this study is to provide a brief overview of the developments in the digital economy and of the changes in B2C models. In particular, the state of the art for agri-food products in relation to the evolution from e-commerce to social commerce will be analysed, through a specific survey, consisting of two complementary phases, related both to online businesses and to the web consumers.
Journal Article•
TL;DR: The findings indicate that several design decisions made in relation to the language, organisation, and volume of WebAIR were effective in supporting web developers to undertake web accessibility evaluations.
Abstract: This paper describes the design and evaluation of a Web Accessibility Information Resource (WebAIR) for supporting web developers to create and evaluate accessible websites. WebAIR was designed with web developers in mind, recognising their current working practices and acknowledging their existing understanding of web accessibility. We conducted an evaluation with 32 professional web developers in which they used either WebAIR or an existing accessibility information resource, the Web Content Accessibility Guidelines, to identify accessibility problems. The findings indicate that several design decisions made in relation to the language, organisation, and volume of WebAIR were effective in supporting web developers to undertake web accessibility evaluations.
1 Feb 2016
TL;DR: This paper concentrates on the diverse estimation procedures and the apparatuses that are utilized for web advancement and the different real and true issues and difficulties that ought to be taken under thought while growing expansive web applications.
Abstract: The web innovation in the present scenario is experiencing an excess of uncommon changes. Today, web advancement procedure is driven by awesome proficient gatherings, yet they don't have legitimate preparation and involvement in data framework plan because of which different specialized instruments bears extreme issues. For application designer, web innovation represents a new technique of software engineering with new apparatuses, new systems and new plans. Subsequently, there's a need to locate a fitting approach to adapt up to these difficulties of web application improvement. This paper concentrates on the diverse estimation procedures and the apparatuses that are utilized for web advancement. This paper likewise connotes the different real and true issues and difficulties that ought to be taken under thought while growing expansive web applications.
8 Nov 2016
TL;DR: This mini-course aims to present the main concepts usually used to evaluate accessibility and usability of RIA, and is an overview of perspectives about practices and theoretical references, from Standards for Quality up to the implementation resources of Web applications.
Abstract: Popularity of Internet applications has reached significant scales. In consequence, a wide diversity of solutions has been created based on Web features. Rich Internet Application (RIA) is a relevant term adopted for technological advances in software developed for the Web, which refers to Web applications aimed to provide users with a desktop similar experience. RIAs usually have wider capabilities in comparison with traditional hypertext applications, specially regarding to the interactive elements of their interfaces. New possibilities that have emerged from RIA are essential to support relevant aspects of Web 2.0, such as participation and collaboration. As among other applications, developing accessible and usable RIAs is a valuable and fundamental aspect for development teams, since these new interaction features available on the Web are not always accessible for people with disabilities or reduced mobility. For this reason, this mini-course aims to present the main concepts usually used to evaluate accessibility and usability of RIA; it is an overview of perspectives about practices and theoretical references, from Standards for Quality up to the implementation resources of Web applications. The approach of this mini-course covered practices on main RIA coding techniques, and methods of usability and accessibility evaluation as Guidelines Review and Heuristic Evaluation. Moreover, this mini-course was developed aiming newcomers and professionals that want to specialize their skills on the development and evaluation of usable and accessible RIAs.
4 Mar 2016
TL;DR: This paper analyzes and takes survey of the different Zero-day vulnerability, how it can help organizations in testing their web applications in order to build reliable and secure applications.
Abstract: In recent year a lot of web applications have been released in the world. At the same time, Zero-Day attacks against web application vulnerabilities have also increased. In such a scenario, it is necessary to make web applications more secure. However checking all web vulnerabilities by manually is very difficult and time-consuming. Therefore, we need a web application vulnerability scanner which is used for detecting security vulnerabilities in web services by underlining the service from the attacker's point of view. Web Application Penetration Testing (WAPT) plays an important role in every modern organization but, if an organization web apps does not properly test and secure then adversaries can compromise your applications, steal organization data and. damage business performance. Unfortunately, many organizations are under an illusion that a web application scanner which they are using will sincerely discover loopholes in their systems. According to research and study, there are different penetration testing tools have provide different performance on vulnerabilities detection. In this paper we have analyze and take survey of the different Zero-day vulnerability, how we can help organizations in testing their web applications in order to build reliable and secure applications.