Acceleration of Server-side Image Processing by Client-side Pre-processing in Web Application Environment

Increasing demands on user interface (UI) usability, adaptability, and dynamic behavior drives ever-growing development and maintenance complexity. Traditional UI design techniques result in complex descriptions for data presentations with significant information restatement. In addition, multiple concerns in UI development leads to descriptions that exhibit concern tangling, which results in high fragment replication. Concern-separating approaches address these issues; however, they fail to maintain the separation of concerns for execution tasks like rendering or UI delivery to clients. During the rendering process at the server side, the separation collapses into entangled concerns that are provided to clients. Such client-side entanglement may seem inconsequential since the clients are simply displaying what is sent to them; however, such entanglement compromises client performance as it results in problems such as replication, fragment granularity ill-suited for effective caching, etc. This paper considers advantages brought by concern-separation from both perspectives. It proposes extension to the aspect-oriented UI design with distributed concern delivery (DCD) for client-server applications. Such an extension lessens the serverside involvement in UI assembly and reduces the fragment replication in provided UI descriptions. The server provides clients with individual UI concerns, and they become partially responsible for the UI assembly. This change increases client-side concern reuse and extends caching opportunities, reducing the volume of transmitted information between client and server to improve UI responsiveness and performance. The underlying aspect-oriented UI design automates the server-side derivation of concerns related to data presentations adapted to runtime context, security, conditions, etc. Evaluation of the approach is considered in a case study applying DCD to an existing, production web application. Our results demonstrate decreased volumes of UI descriptions assembled by the server-side and extended client-side caching abilities, reducing required data/fragment transmission, which improves UI responsiveness. Furthermore, we evaluate the potential benefits of DCD integration implications in selected UI frameworks.

Download Full-text

Prosedur efektif pengembangan aplikasi basis data

JSAI (Journal Scientific and Applied Informatics) ◽

10.36085/jsai.v2i1.104 ◽

2019 ◽

Vol 2 (1) ◽

Author(s):

Zulkarnaen Hatala

Keyword(s):

Web Application ◽

Specific Requirement ◽

Application System ◽

Web Based ◽

Database Application ◽

Server Side ◽

The Right ◽

Client Side ◽

The Web

Abstract—Efficient and quick procedure to build a web application is presented. The steps are intended to build a database application system with hundreds of tables. The procedure can minimize tasks needed to write code and doing manual programming line by line. The intention also to build rapidly web-based database application. In this method security concerning authentification and authorization already built in ensuring the right and eligible access of the user to the system. The end result is ready to use the web-based 3-tier application. Moreover, the application is still flexible to be customized and to be enhanced to suit more specific requirement in part of each module of the software both the server-side and client-side programming codes. Abstrak—Pada penelitian kali ini diusulkan prosedur cepat dan efisien pengembangan aplikasi basis data menggunakan generator aplikasi. Bertujuan untuk meminimalisir penulisan bahasa pemograman. Keuntungan dari prosedur ini adalah bisa digunakan untuk mengembangkan aplikasi basis data secara cepat terutama dengan sistem basis data yang terdiri dari banyak tabel. Hak akses dan prosedur keamanan standar telah disediakan sehingga setiap user terjamin haknya terhadap entitas tertentu di basis data. Hasil generasi adalah aplikasi basis data berbasis web yang siap pakai. Sistem aplikasi yang terbentuk masih sangat lentur untuk untuk dilakukan penyesuaian setiap komponen aplikasi baik di sisi server maupun di sisi client.

Download Full-text

DETECTING SERVER-SIDE ENDPOINTS IN WEB APPLICATIONS BASED ON STATIC ANALYSIS OF CLIENT-SIDE JavaScript CODE

PRIKLADNAYa DISKRETNAYa MATEMATIKA ◽

10.17223/20710410/53/3 ◽

2021 ◽

pp. 32-54

Author(s):

D. A. Sigalov ◽

◽

A. A. Khashaev ◽

D. Yu. Gamayunov ◽

◽

...

Keyword(s):

Static Analysis ◽

Web Application ◽

Web Applications ◽

Security Analysis ◽

Endpoint Detection ◽

Security Testing ◽

Application Security ◽

Server Side ◽

Dynamic Web ◽

Client Side

The problem of server-side endpoint detection in the context of blackbox security analysis of dynamic web applications is considered. We propose a method to increase coverage of server-side endpoint detection using static analysis of client-side JavaScript code to find functions which generate HTTP requests to the server-side of the application and reconstruct parameters for those functions. In the context of application security testing, static analysis allows to find such functions even in dead or unreachable JavaScript code, which cannot be achieved by dynamic crawling or dynamic code analysis. Evaluation of the proposed method and its implementation has been done using synthetic web application with endpoints vulnerable to SQL injections, and the same application was used to compare the proposed method with existing solutions. Evaluation results show that adding JavaScript static analysis to traditional dynamic crawling of web applications may significantly improve server-side endpoint coverage in blackbox application security analysis.

Download Full-text

XML Pipeline Processing in the Browser

Proceedings of Balisage: The Markup Conference 2010 ◽

10.4242/balisagevol5.toman01 ◽

2010 ◽

Cited By ~ 2

Author(s):

Vojtěch Toman

Keyword(s):

Web Application ◽

Web Applications ◽

Application Development ◽

Web Browser ◽

Development Models ◽

Server Side ◽

Potential Benefits ◽

Pipeline Processing ◽

Xml Web ◽

Client Side

With the growing interest in end-to-end XML web application development models, many web applications are becoming predominantly XML-based, requiring XML processing capabilities not only on the-server-side, but often also on the client-side. This paper discusses the potential benefits of using XProc for XML pipeline processing in the web browser and describes the developments of a JavaScript-based XProc implementation.

Download Full-text

Sistema de gestión para las inversiones de Suelos del Ministerio de la Agricultura en Granma

Revista de Investigación en Tecnologías de la Investigaión ◽

10.36825/riti.09.19.005 ◽

2021 ◽

Vol 9 (19) ◽

pp. 58-72

Author(s):

Leyanis Enoa Payés ◽

Raydel Chávez Socarrás

Keyword(s):

Programming Languages ◽

Information Management ◽

Web Application ◽

Relevant Information ◽

Extreme Programming ◽

Database Modeling ◽

Server Side ◽

Informatics System ◽

Client Side ◽

Html 5

Various processes are carried out in the Soil and Fertilizer Department of the Ministry of Agriculture at Granma's province in Cuba, including information management for investment approval. It becomes difficult due to the fact that it is carried out manually and through printed models, leading to insufficiencies in the personnel in charge of recording the information, difficulty in preserving relevant information and delay in the response process. In response to these needs, in this investigation, an informatics system is developed that will enrich the management of the information for the approval of investments of Soils and Fertilizers in Granma. For the development of the system was utilized as methodology of development of software Extreme Programming (XP). PHP 7.3.3 and SQL as server-side, client-side programming languages HTML 5, CSS 3, JavaScript and JQuery 1.2.2. APACHE 2.4.38 web application server, MySQL 5.0.12 as Database manager, CodeIgniter 3.1.10 as Framework and DBDesigner 4 as an aid to database modeling. As a result of investigation, a system validated by means of proofs of software was obtained, which vouch for his correct functioning.

Download Full-text

A Framework for Web Application Vulnerability Detection

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.c4778.029320 ◽

2020 ◽

Vol 9 (3) ◽

pp. 543-549

Keyword(s):

Web Application ◽

Human Life ◽

Dynamic Change ◽

The Internet ◽

Detection Mechanism ◽

Server Side ◽

Digital World ◽

Mechanism Research ◽

User Friendly ◽

Client Side

Hardly a facet of human life is not influenced by the Internet due to the continuous proliferation in the Internet facilities, usage, speed, user friendly browsing, global access, etc. At flip side, hackers are also attacking this digital world with new tactics and techniques through exploiting the web application vulnerabilities. The analysis of these vulnerabilities is of paramount importance in direction to secure social digital world. It can be carried out in two ways. First, manual analysis which is error prone due to the human nature of forgiveness, dynamic change in technology and fraudulence attack techniques. Second, through the existing web application vulnerability scanners that sometime may suffer from generating false alarm rate. Hence, there is a need to develop a framework that can detect different levels of vulnerabilities, ranging from client side vulnerabilities, communication side vulnerabilities to server side vulnerabilities. This paper has carried out the literature survey in direction of identifying the new attack vectors, vulnerabilities, detection mechanism, research gaps and new working areas in same field. Continuous improvement in framework is easy. Hence, a framework is proposed to overcome the identified research gap

Download Full-text

ImageSubXSS: an image substitute technique to prevent Cross-Site Scripting attacks

International Journal of Electrical and Computer Engineering (IJECE) ◽

10.11591/ijece.v9i2.pp1393-1398 ◽

2019 ◽

Vol 9 (2) ◽

pp. 1393

Author(s):

PMD Nagarjun ◽

Shaik Shakeel Ahamad

Keyword(s):

Web Application ◽

Web Applications ◽

Human Life ◽

Single Line ◽

Sensitive Information ◽

Server Side ◽

Client Side ◽

Application Execution ◽

Cross Site

<span lang="EN-US">Cross-Site Scripting (XSS) is one of serious web application attack. Web applications are involved in every activity of human life. JavaScript plays a major role in these web applications. In XSS attacks hacker inject malicious JavaScript into a trusted web application, execution of that malicious script may steal sensitive information from the user. Previous solutions to prevent XSS attacks require a lot of effort to integrate into existing web applications, some solutions works at client-side and some solutions works based on filter list which needs to be updated regularly. In this paper, we propose an Image Substitute technique (ImageSubXSS) to prevent Cross-Site Scripting attacks which works at the server-side. The proposed solution is implemented and evaluated on a number of XSS attacks. With a single line, developers can integrate ImageSubXSS into their applications and the proposed solution is able to prevent XSS attacks effectively.</span>

Download Full-text

Performance Enhancement of Soap Via Multi Level Caching

Mapana Journal of Sciences ◽

10.12723/mjs.17.6 ◽

2010 ◽

Vol 9 (2) ◽

pp. 47-52

Author(s):

Samiksha Shukla ◽

D. K. Mishra ◽

Kapil Tiwari

Keyword(s):

Web Services ◽

Web Application ◽

High Performance ◽

Performance Enhancement ◽

Access Protocol ◽

New Approach ◽

Server Side ◽

Multi Level ◽

Client Side ◽

Remote Communications

Due to complex infrastructure of web application response time for different service request by client requires significantly larger time. Simple Object Access Protocol (SOAP) is a recent and emerging technology in the field of web services, which aims at replacing traditional methods of remote communications. Basic aim of designing SOAP was to increase interoperability among broad range of programs and environment, SOAP allows applications from different languages, installed on different platforms to communicate with each other over the network. Web services demand security, high performance and extensibility. SOAP provides various benefits for interoperability but we need to pay price of performance degradation and security for that. This formulates SOAP a poor preference for high performance web services. In this paper we present a new approach by enabling multi-level caching at client side as well as server side. Reference describes implementation based on the Apache Java SOAP client, which gives radically enhanced performance.

Download Full-text

A Database for Counterfeit Electronics and Automatic Defect Detection Based on Image Processing and Machine Learning

ISTFA 2016: Conference Proceedings from the 42nd International Symposium for Testing and Failure Analysis ◽

10.31399/asm.cp.istfa2016p0580 ◽

2016 ◽

Author(s):

Navid Asadizanjani ◽

Sachin Gattigowda ◽

Mark Tehranipoor ◽

Domenic Forte ◽

Nathan Dunn

Keyword(s):

Machine Learning ◽

Image Processing ◽

Integrated Circuits ◽

Web Application ◽

The United States ◽

Global Market ◽

Online Database ◽

Ongoing Effort ◽

Time Period ◽

Physical Defects

Abstract Counterfeiting is an increasing concern for businesses and governments as greater numbers of counterfeit integrated circuits (IC) infiltrate the global market. There is an ongoing effort in experimental and national labs inside the United States to detect and prevent such counterfeits in the most efficient time period. However, there is still a missing piece to automatically detect and properly keep record of detected counterfeit ICs. Here, we introduce a web application database that allows users to share previous examples of counterfeits through an online database and to obtain statistics regarding the prevalence of known defects. We also investigate automated techniques based on image processing and machine learning to detect different physical defects and to determine whether or not an IC is counterfeit.

Download Full-text

DYNAMIC REST SERVICES ORCHESTRATION USING THE KNOWLEDGE BASE

Visnyk Universytetu “Ukraina” ◽

10.36994/2707-4110-2019-1-22-26 ◽

2019 ◽

Author(s):

Kostyantyn Kharchenko

Keyword(s):

Knowledge Base ◽

Service Oriented Architecture ◽

Main Idea ◽

The Real ◽

Server Side ◽

Service Oriented ◽

Services Orchestration ◽

Client Side ◽

Abstract Operation ◽

Microservice Architecture

The approach to organizing the automated calculations’ execution process using the web services (in particular, REST-services) is reviewed. The given solution will simplify the procedure of introduction of the new functionality in applied systems built according to the service-oriented architecture and microservice architecture principles. The main idea of the proposed solution is in maximum division of the server-side logic development and the client-side logic, when clients are used to set the abstract computation goals without any dependencies to existing applied services. It is proposed to rely on the centralized scheme to organize the computations (named as orchestration) and to put to the knowledge base the set of rules used to build (in multiple steps) the concrete computational scenario from the abstract goal. It is proposed to include the computing task’s execution subsystem to the software architecture of the applied system. This subsystem is composed of the service which is processing the incoming requests for execution, the service registry and the orchestration service. The clients send requests to the execution subsystem without any references to the real-world services to be called. The service registry searches the knowledge base for the corresponding input request template, then the abstract operation description search for the request template is performed. Each abstract operation may already have its implementation in the form of workflow composed of invocations of the real applied services’ operations. In case of absence of the corresponding workflow in the database, this workflow implementation could be synthesized dynamically according to the input and output data and the functionality description of the abstract operation and registered applied services. The workflows are executed by the orchestrator service. Thus, adding some new functions to the client side can be possible without any changes at the server side. And vice versa, adding new services can impact the execution of the calculations without updating the clients.

Download Full-text