1 / 34

CST 500- Coalesced Summary of Faculty Presentations and Areas WEB APPLICATIONS

PRESENTED BY ESHWARI MENTE, NAVEEN DANTURI, AGASTHESWAR. CST 500- Coalesced Summary of Faculty Presentations and Areas WEB APPLICATIONS. Dr. Kevin Gary is an associate professor in College of Technology and Innovation at Arizona State University. His research interests includes:

patia
Download Presentation

CST 500- Coalesced Summary of Faculty Presentations and Areas WEB APPLICATIONS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PRESENTED BY ESHWARI MENTE, NAVEEN DANTURI, AGASTHESWAR CST 500- Coalesced Summary of Faculty Presentations and AreasWEB APPLICATIONS

  2. Dr. Kevin Gary is an associate professor in College of Technology and Innovation at Arizona State University. • His research interests includes: • Software engineering • Systems architecture • Web applications • Databases • Enterprise computing • Image guided surgery • Computational intelligence • Technology supported teaching and learning. Introduction

  3. IGSTK - Technology assisted surgical procedures • Robotic Notes (Robotic Natural Orifice Transluminal Endoscopic Surgery) • Cochlear Implants • The Software Enterprise Courses offered at ASU: • CSE515-Multimedia & Web Databases • CST533 - DB-centric Enterprise App. Dev • CST 515 - Software Enterprise: Inception and Elaboration Dr. Gary’s past /current projects

  4. The Mashware Challenge: Bridging the gap between Web development and software engineering- TommiMikkonenAntero Taivalsaari

  5. The software industry is currently experiencing a paradigm shift towards web based software. There is an impending mismatch between web and software development Mashware software that leverages source code and software components that are downloaded dynamically from all over the world. The trend towards Mashware will aggravate the gap between web and software development. Introduction

  6. Evolution of the web as a software platform • First phase: Simple page structured documents • Second phase: Increasingly interactive with graphics, animation and plug–in. • Recent trend is towards desktop-style web applications.

  7. Towards Mashware :web applications as Mashware • A mashup is a web site that combines content from multiple web sites into an integrated experience. • Allows unparalleled sharing and reuse of software, data, layout and visualization information, or any other content across the planet. This increases productivity and reusability.

  8. Implending Mismatch • The principles and practices for web development evolved rather independently of the principles and practices for software engineering

  9. Software engineering principle violations Usability and user interaction issues Networking and security issues Browser inoperability and incompatibility issues Development style and testing issues Deployment model changes Performance issues. Interesting research areas:

  10. So far, web engineering and software engineering have evolved as separate fields. It is time to forget the origins of the browser as a document viewing environment and to start treating the Web as a real, full-fledged application platform – one whose capabilities will eventually far exceed those of the earlier software platforms. Call for action

  11. Finding Emergent Properties of WebApplication Development PlatformsByUlrich Stärk, Lutz Prechelt, IlijaJolevski

  12. “What is a Web Development Framework” • Functions of Web application Framework • Types of frameworks • “What web framework should we use” Web Application Development Platforms xkcd.com/292 by Randall Munroe

  13. Package to support construction of dynamic web applications. • Alleviating the repetitive overhead of development patterns. • Develop apps compatible with different Browsers. • More sophisticated, interactive, and well-managed Web Development Framework

  14. Provide Core Functionality. • Promote reusability and pluggability. • Good at organizing large projects. • Program actions and logic are separated from the HTML, CSS and design files. • Implement complex functionalities in efficient manner. • Enforcebest coding practices. Features of a framework

  15. Model–view–controller (MVC) • Push-based vs. pull-based • Three-tier organization • Content management systems Different frameworks Categorized

  16. 10 Best Free Web Application Frameworks

  17. Speed and agility of building applications in Rails. ROR syntax is more cryptic than that of Perl. Python with Django combination yields high performance. PHP with Symfony is the easiest language to code in, has security issues. Java still chugging on Struts 1.X, JSF is promising.Perl code tends to be small in size. Performance Comparison

  18. Web applications vulnerability statistics 2010-2011- ALEX HOPKINS

  19. Whitepaper will provide a unique insight into the state of web application security • Number of Issues in Web Application penetration test increased in 2011 • Most Prevalent issues • Server Misconfiguration • Information Leakage • Cross Scripting effect 2/3rd and SQL Injection effect 1/5th applications in 2011 • Input Validation Issues have decreased from 2010 to 2011 • In General issues identified remains constant indicates “Developers Tend to make Same Issues” Summary

  20. Server Configuration Information Leakage Authentication Weakness Session Management Weakness Authorization Weakness Input Validation Weakness Encryption Vulnerabilities Other CATEGORIES OF VULNERABILITIES

  21. Injection (SQL, LDAP, XPATH, OS command) Cross-Site Scripting (XSS) Broken Authentication and Session Management Insecure Direct Object References Cross-Site Request Forgery (CSRF) Security Misconfiguration Insecure Cryptographic Storage Failure to Restrict URL Access Insufficient Transport Layer Protection Un-validated Redirects and Forwards OWAsP (open web application security project) TOP 10 ISSUES

  22. WWW: World-Wide Web Conference WebDB: International Workshop on the Web and Databases WCW: Web Caching Workshop WIDM: International Workshop on Web Information and Data Management  International Journal of Web Applications International Journal of Web Services Research  Conferences and journals

  23. http://www.isr.uci.edu/architecture/research.html http://laser.cs.umass.edu/ http://www.cs.umass.edu/faculty/software-systems-and-architecture Issues, Challenges and Opportunities for Research in Software Engineering by Manish K Anand, VasudevaVarma Conference on Software Engineering and Applications (SEA 2004), November 09-1, 2004, MIT Cambridge, USA. Major Issues in Software Engineering Project Management RICHARD H. THAYER, MEMBER, IEEE, ARTHUR B. PYSTER, MEMBER, IEEE, AND ROGER C. WOOD, MEMBER, IEEE Web Application Vulnerability Statistics 2010-2011 Alex Hopkins :whitepapers@contextis.com http://perso.crans.org/~genest/conf.html http://www.igi-global.com/journal/international-journal-web-services-research/1079 http://dline.info/ijwa/ PlatForms 2011: Finding Emergent Properties of Web Application Development Platforms- Ulrich Stärk, Lutz Prechelt, IlijaJolevski The Mashware Challenge: Bridging the Gap Between Web Development and Software Engineering -TommiMikkonen , Antero Taivalsaari references

More Related