scholarly journals A Software Security Optimization Architecture (SoSOA) and its Adaptation for Mobile Applications

2021 ◽  
Vol 15 (11) ◽  
pp. 148
Author(s):  
Amr Abozeid ◽  
AbdAllah Adel AlHabshy ◽  
Kamal ElDahshan
Keyword(s):  
Mobile Applications ◽  
Software Security ◽  
Security Threats ◽  
Security Threat ◽  
Daily News ◽  
Software Application ◽  
Software Applications ◽  
Different Types ◽  
Security Standard ◽  
Analysis Design

Security attacks become daily news due to an exposure of a security threat in a widely used software. Taking software security into consideration during the analysis, design, and implementation phases is a must. A software application should be protected against any security threat such as unauthorized distribution or code retrieval. Due to the lack of applying a software security standard architecture, developers may create software that may be vulnerable to many types of security threats. This paper begins by reviewing different types of known software security threats and their countermeasure mechanisms. Then, it proposes a new security optimization architecture for software applications. This architecture is a step towards establishing a standard to guarantee the software's security. Furthermore, it proposes an adapted software security optimization architecture for mobile applications. Besides, it presents an algorithmic implementation of the newly proposed architecture, then it proves its security. Moreover, it builds a secure mobile application based on the newly proposed architecture.

UML-BASED MODELING AND ANALYSIS OF SECURITY THREATS

2010 ◽  
Vol 20 (06) ◽  
pp. 875-897 ◽  
Author(s):  
JUN KONG ◽  
DIANXIANG XU ◽  
XIAOQIN ZENG
Keyword(s):  
Formal Method ◽  
Graph Transformation ◽  
State Transitions ◽  
Security Threats ◽  
Sequence Diagrams ◽  
Security Threat ◽  
Initial State ◽  
Final State ◽  
Modeling And Analysis ◽  
Software Application

Poor design has been a major source of software security problems. Rigorous and designer-friendly methodologies for modeling and analyzing secure software are highly desirable. A formal method for software development, however, often suffers from a gap between the rigidity of the method and the informal nature of system requirements. To narrow this gap, this paper presents a UML-based framework for modeling and analyzing security threats (i.e. potential security attacks) rigorously and visually. We model the intended functions of a software application with UML statechart diagrams and the security threats with sequence diagrams, respectively. Statechart diagrams are automatically converted into a graph transformation system, which has a well-established theoretical foundation. Method invocations in a sequence diagram of a security threat are interpreted as a sequence of paired graph transformations. Therefore, the analysis of a security threat is conducted through simulating the state transitions from an initial state to a final state triggered by method invocations. In our approach, designers directly work with UML diagrams to visually model system behaviors and security threats while threats can still be rigorously analyzed based on graph transformation.

scholarly journals Evolution, Working and Solution to Security Threats in Virtual Data Acquisition Systems

2020 ◽  
Vol 9 (1) ◽  
pp. 2672-2677
Keyword(s):  
Data Acquisition ◽  
Industrial Revolution ◽  
Data Acquisition System ◽  
Present System ◽  
Security Threats ◽  
Security Threat ◽  
Web Based ◽  
Amount Of Information ◽  
Data Acquisition Systems ◽  
Different Types

After the Industrial Revolution, big industries and factories came into being and the amount of information i.e. data increased tremendously and hence it became very difficult to keep track of them. Therefore, the need to have a system of database which can be used to keep track of the data that has variables of different types. The evolution of such data acquisition system is traced, the present system in practice is discussed and the future scope of improvement is realized. Today these systems are mostly web based so there is a big security threat which needs to be addressed. This paper highlights the existing solutions and proposes some unique methods to increase the security of Data Acquisition systems.

Security Threat Analyses and Attack Models for Approximate Computing Systems

2021 ◽  
Vol 26 (4) ◽  
pp. 1-31
Author(s):  
Pruthvy Yellu ◽  
Landon Buell ◽  
Miguel Mark ◽  
Michel A. Kinsy ◽  
Dongpeng Xu ◽  
...  
Keyword(s):  
Error Resilience ◽  
Security Threats ◽  
Approximate Computing ◽  
Security Threat ◽  
Security Vulnerabilities ◽  
Computing Systems ◽  
Quantitative Analyses ◽  
Resilience Mechanisms ◽  
The Impact ◽  
Attack Models

Approximate computing (AC) represents a paradigm shift from conventional precise processing to inexact computation but still satisfying the system requirement on accuracy. The rapid progress on the development of diverse AC techniques allows us to apply approximate computing to many computation-intensive applications. However, the utilization of AC techniques could bring in new unique security threats to computing systems. This work does a survey on existing circuit-, architecture-, and compiler-level approximate mechanisms/algorithms, with special emphasis on potential security vulnerabilities. Qualitative and quantitative analyses are performed to assess the impact of the new security threats on AC systems. Moreover, this work proposes four unique visionary attack models, which systematically cover the attacks that build covert channels, compensate approximation errors, terminate normal error resilience mechanisms, and propagate additional errors. To thwart those attacks, this work further offers the guideline of countermeasure designs. Several case studies are provided to illustrate the implementation of the suggested countermeasures.

Regression Testing-Based Requirement Prioritization of Mobile Applications

2012 ◽  
Vol 3 (4) ◽  
pp. 20-39 ◽  
Author(s):  
Varun Gupta ◽  
D. S. Chauhan ◽  
Kamlesh Dutta
Keyword(s):  
Mobile Applications ◽  
Development Process ◽  
Regression Testing ◽  
Test Cases ◽  
Application Development ◽  
High Quality ◽  
Ripple Effects ◽  
Software Application ◽  
Mobile Software ◽  
Requirement Prioritization

Mobile software application development process must be matured enough to handle the challenges (especially market related) associated with the development of high quality mobile software development. Ever increasing number of both mobile users and mobile applications had presented software engineers with the challenge of satisfying billions of users with high quality software applications to be delivered within deadline and budgets. Always there had been a lot of pressure to develop complex software categorized by thousands of requirements, under resource constrained environment. Requirement prioritization is one of the activities undertaken by software engineer to deliver partial software product to its customers such that most important requirements are implemented in the earliest releases. During next releases some changed and pending requirements are implemented, an activity that generates ripple effects. Such ripple effects need to be tested by executing modified source code against test cases of previous releases (regression testing). Regression testing is a very effortful activity that requires a software tester to select test cases that have high fault detection capability, execute the modified code against selected test cases and performing debugging. This regression testing activity can be lowered to the maximum extend by considering dependencies between requirements during the time of requirement prioritization. Thus requirement prioritization will be carried out not only against aspects like cost, time, risks, business values etc but against dependencies also. The aim is to implement almost all dependent highest priority requirements in current release so that implementation of new requirements is unlikely to have ripple effects. Changes in requirements might not be related to variable usage and definition and might not involve a change in functionality. In such cases there is no need to select already executed test cases of previous versions. Module dependencies can lead to test case selections of previous versions if changes of requirement lead to ripple effects. This paper aims to implement highest priority requirements such that regression testing is performed to minimum thereby improving development process of mobile applications. The proposed technique had been successfully evaluated on Android based notification software application that meets the specification of Aakash tablets.

scholarly journals Multilevel classification of security threats in cloud computing

2017 ◽  
Vol 7 (1.5) ◽  
pp. 253
Author(s):  
N. Srinivasu ◽  
O. Sree Priyanka ◽  
M. Prudhvi ◽  
G. Meghana
Keyword(s):  
Cloud Computing ◽  
Web Application ◽  
Service Level Agreement ◽  
Service Level ◽  
Security Threats ◽  
Security Threat ◽  
Security Issues ◽  
Network Applications ◽  
Storage Network ◽  
Multilevel Classification

Cloud Security was provided for the services such as storage, network, applications and software through internet. The Security was given at each layer (Saas, Paas, and Iaas), in each layer, there are some security threats which became the major problem in cloud computing. In Saas, the security issues are mainly present in Web Application services and this issue can be overcome by web application scanners and service level agreement(SLA). In Paas, the major problem is Data Transmission. During transmission of data, some data may be lost or modified. The PaaS environment accomplishes proficiency to some extent through duplication of information. The duplication of information makes high accessibility of information for engineers and clients. However, data is never fully deleted instead the pointers to the data are deleted. In order to overcome this problem the techniques that used are encryption[12], data backup. In Iaas the security threat that occurs in is virtualization and the techniques that are used to overcome the threats are Dynamic Security Provisioning(DSC), operational security procedure, for which Cloud Software is available in the market, for e.g. Eucalyptus, Nimbus 6.

scholarly journals Multimodal Affective Computing to Enhance the User Experience of Educational Software Applications

2018 ◽  
Vol 2018 ◽  
pp. 1-10 ◽  
Author(s):  
Jose Maria Garcia-Garcia ◽  
Víctor M. R. Penichet ◽  
María Dolores Lozano ◽  
Juan Enrique Garrido ◽  
Effie Lai-Chong Law
Keyword(s):  
User Experience ◽  
Affective Computing ◽  
Educational Software ◽  
Control Group ◽  
Emotional States ◽  
Emotion Detection ◽  
Software Application ◽  
Software Applications ◽  
Learning Progress ◽  
The One

Affective computing is becoming more and more important as it enables to extend the possibilities of computing technologies by incorporating emotions. In fact, the detection of users’ emotions has become one of the most important aspects regarding Affective Computing. In this paper, we present an educational software application that incorporates affective computing by detecting the users’ emotional states to adapt its behaviour to the emotions sensed. This way, we aim at increasing users’ engagement to keep them motivated for longer periods of time, thus improving their learning progress. To prove this, the application has been assessed with real users. The performance of a set of users using the proposed system has been compared with a control group that used the same system without implementing emotion detection. The outcomes of this evaluation have shown that our proposed system, incorporating affective computing, produced better results than the one used by the control group.

scholarly journals Mobile Applications for the Promotion and Support of Healthy Nutrition and Physical Activity Habits: A Systematic Review, Extraction of Features and Taxonomy Proposal

2019 ◽  
Vol 12 (1) ◽  
pp. 50-71
Author(s):  
María Vanessa Villasana ◽  
Ivan Miguel Pires ◽  
Juliana Sá ◽  
Nuno M. Garcia ◽  
Eftim Zdravevski ◽  
...  
Keyword(s):  
Physical Activity ◽  
Mobile Applications ◽  
Calorie Intake ◽  
Anthropometric Parameters ◽  
Healthy Nutrition ◽  
Different Types ◽  
Diet Diary ◽  
Definition Of ◽  
Future Work ◽  
Google Play

Background: Mobile applications can be used for the monitoring of lifestyles and physical activity. It can be installed in commodity mobile devices, which are currently used by different types of people in their daily activities worlwide . Objective: This paper reviews and categorizes the mobile applications related to diet, nutrition, health, physical activity and education, showing the analysis of 73 mobile applications available on Google Play Store with the extraction of the different features. Methods: The mobile applications were analyzed in relation to each proposed category and their features, starting with the definition of the search keywords used in the Google Play Store. Each mobile application was installed on a smartphone, and validated whether it was researched in scientific studies. Finally, all mobile applications and features were categorized. Results: These mobile applications were clustered into four groups, including diet and nutrition, health, physical activity and education. The features of mobile applications were also categorized into six groups, including diet, anthropometric parameters, social, physical activity, medical parameters and vital parameters. The most available features of the mobile applications are weight, height, age, gender, goals, calories needed calculation, diet diary, food database with calories, calories burned and calorie intake. Conclusion: With this review, it was concluded that most mobile applications available in the market are related to diet, and they are important for different types of people. A promising idea for future work is to evaluate the acceptance by young people of such mobile applications.

scholarly journals Mobile Applications for the Promotion and Support of Healthy Nutrition and Physical Activity Habits: A Systematic Review, Extraction of Features and Taxonomy Proposal

2019 ◽  
Vol 13 (1) ◽  
pp. 50-71 ◽  
Author(s):  
María Vanessa Villasana ◽  
Ivan Miguel Pires ◽  
Juliana Sá ◽  
Nuno M. Garcia ◽  
Eftim Zdravevski ◽  
...  
Keyword(s):  
Physical Activity ◽  
Mobile Applications ◽  
Calorie Intake ◽  
Anthropometric Parameters ◽  
Healthy Nutrition ◽  
Different Types ◽  
Diet Diary ◽  
Definition Of ◽  
Future Work ◽  
Google Play

Background: Mobile applications can be used for the monitoring of lifestyles and physical activity. It can be installed in commodity mobile devices, which are currently used by different types of people in their daily activities worlwide . Objective: This paper reviews and categorizes the mobile applications related to diet, nutrition, health, physical activity and education, showing the analysis of 73 mobile applications available on Google Play Store with the extraction of the different features. Methods: The mobile applications were analyzed in relation to each proposed category and their features, starting with the definition of the search keywords used in the Google Play Store. Each mobile application was installed on a smartphone, and validated whether it was researched in scientific studies. Finally, all mobile applications and features were categorized. Results: These mobile applications were clustered into four groups, including diet and nutrition, health, physical activity and education. The features of mobile applications were also categorized into six groups, including diet, anthropometric parameters, social, physical activity, medical parameters and vital parameters. The most available features of the mobile applications are weight, height, age, gender, goals, calories needed calculation, diet diary, food database with calories, calories burned and calorie intake. Conclusion: With this review, it was concluded that most mobile applications available in the market are related to diet, and they are important for different types of people. A promising idea for future work is to evaluate the acceptance by young people of such mobile applications.

scholarly journals Finding the Perfect Match: Different Heavy-Duty Mobile Applications Call for Different Actuators

Proceedings ◽  
2020 ◽  
Vol 64 (1) ◽  
pp. 22
Author(s):  
David Fassbender ◽  
Tatina Minav
Keyword(s):  
Mobile Applications ◽  
State Of The Art ◽  
Perfect Match ◽  
The Novel ◽  
Hydraulic Systems ◽  
Heavy Duty ◽  
Different Types ◽  
Evaluation Algorithm ◽  
Novel Concept ◽  
Valve Control

For the longest time, valve-controlled, centralized hydraulic systems have been the state-of-the-art technology to actuate heavy-duty mobile machine (HDMM) implements. Due to the typically low energy efficiency of those systems, a high number of promising, more-efficient actuator concepts has been proposed by academia as well as industry over the last decades as potential replacements for valve control—e.g., independent metering, displacement control, different types of electro-hydraulic actuators (EHAs), electro-mechanic actuators, or hydraulic transformers. This paper takes a closer look on specific HDMM applications for these actuator concepts to figure out where which novel concept can be a better alternative to conventional actuator concepts, and where novel concepts might fail to improve. For this purpose, a novel evaluation algorithm for actuator–HDMM matches is developed based on problem aspects that can indicate an unsuitable actuator–HDMM match. To demonstrate the functionality of the match evaluation algorithm, four actuator concepts and four HDMM types are analyzed and rated in order to form 16 potential actuator–HDMM matches that can be evaluated by the novel algorithm. The four actuator concepts comprise a conventional valve-controlled concept and three different types of EHAs. The HDMM types are excavator, wheel loader, backhoe, and telehandler. Finally, the evaluation of the 16 matches results in 16 mismatch values, of which the lowest indicates the “perfect match”. Low mismatch values could be found in general for EHAs in combination with most HDMMs but also for a valve-controlled actuator concept in combination with a backhoe. Furthermore, an analysis of the concept limitations with suggestions for improvement is included.

scholarly journals Analisis Strategi Forum Kewaspadaan Dini Masyarakat (FKDM) atas Cegah Dini dalam Penanganan Konflik Sosial di Provinsi Dki Jakarta Tahun 2019

2020 ◽  
Vol 3 (2) ◽  
pp. 205-209
Author(s):  
Dwi Agustina ◽  
Edy Mulyadi
Keyword(s):  
Government Regulation ◽  
Swot Analysis ◽  
Social Conflict ◽  
Warning System ◽  
Security Threats ◽  
Security Threat ◽  
National Unity ◽  
Conflict Handling ◽  
The Government

The community is responsible for the implementation of the community early awareness, meanwhile the government is obliged to facilitate it. A good role of the Community Early Awareness Forum or Forum Kewaspadaan Dini Masyarakat (FKDM) followed up by the government can save the community from security threat or disaster and minimize losses by anticipating the security threats and disaster. This research uses qualitative approach. Concept operationalization in this research refers to the used strategy, the SWOT analysis. The FKDM strategies in social conflict early prevention are: 1) inserting early warning system by increasing institutional capacities which include three elements; government, private sector, community through dialogue, 2) National Unity and Politics Agency or Badan Kesatuan Bangsa dan Politik (Kesbangpol) of DKI Jakarta actively making dialogue persuasively and finding solution, 3) budgeting of conflict handling according to the Government Regulation gives opportunity to strengthen community resilience to protect the community, encourage community participation, handle social conflict, and preserve local wisdom to maintain peace.

Sign in / Sign up

Export Citation Format

Share Document