Journal of Software Engineering & Intelligent Systems

ISSN: 2518-8739 (Online)

APRIL 2017 | VOLUME. 2  ISSUE. 1
Title:

VALIDATION OF APPLIED SECURITY DESIGN PATTERNS USING TEST TEMPLATES IN SECURE AWARE SDLC

Authors:

E.R.Aruna, A. Rama Mohan Reddy, K.V. N. Sunitha

Abstract:

Security patterns are security knowledge encapsulated tools, they have significant contributions for supporting the software developers as all the software developers need not to be a security specialists. If the applied patterns are inappropriate, this will create vulnerabilities in the product implementation. Here we proposed a method for validation of applied security design patterns in the implementation phase of software development life cycle (SDLC). In this paper, we are verifying the security pattern by creating reusable test case. As a case study, we are validating the applied security patterns for Patient Monitoring System (PMS) application. We believe, the applied security patterns structure is verified in implementation phase. With this we achieve, the security patterns are successfully structured and verified in design and implementation phase. Thus, we can rename SDLC as secure aware SDLC.

Keywords: Secure Software; Design Patterns; Software Development, Patient Monitoring System;
Available: VALIDATION OF APPLIED SECURITY DESIGN PATTERNS USING TEST TEMPLATES IN SECURE AWARE SDLC by E.R.Aruna, A. Rama Mohan Reddy, K.V. N. Sunitha is available under cc by-nc 4.0 License. Permissions beyond the scope of this license may be available at JSEIS.
Download PDF

Title:

A RISK DECISION POLICY MODEL FOR MITIGATING RISK IN IT ORGANIZATIONS

Authors:

Bokolo Anthony Jnr, Noraini Che Pa, Rozi Nor Haizan Nor, Yusmadi Yah Josoh

Abstract:

Information Technology (IT) organizations are facing various risks such as strategic, operational and technical risks. These risks should be identified, measured and mitigated. After risks are identified, resources should be devoted to mitigate these risks. However, risk mitigation is a complicated problem especially in IT organizations. It leads to difficulty in choosing and executing mitigation actions. In risk mitigation, decision making based on the risk will be performed in order to have an efficient decision in the mitigation of identified risks. Risk mitigation in IT organizations provides a disciplinary environment for proactive decision making to measure and treat potential risk continuously. Unfortunately, present standards for risk mitigation show limitations when making decisions on how to mitigate availability risks. Existing model provides inadequate support to practitioners in making risk decision pertaining risk mitigation policies. This is due to the fact that existing approaches lack the capabilities to support practitioners, these dependencies make the technical problem of mitigating existing risks very challenging. In order to address this challenge, this research identifies the processes of risk decisions for mitigating risk in IT organizations by developing a risk decision policy model that focuses on mitigating both technical and operational risk that occurs in IT organizations.

Keywords: Risk; Risk Decisions; Decision Policy; Risk Mitigation; IT Organizations;
Available: A RISK DECISION POLICY MODEL FOR MITIGATING RISK IN IT ORGANIZATIONS by Bokolo Anthony Jnr, Noraini Che Pa, Rozi Nor Haizan Nor, Yusmadi Yah Josoh is available under cc by-nc 4.0 License. Permissions beyond the scope of this license may be available at JSEIS.
Download PDF

Title:

A SURVEY OF DECISION SUPPORT AND COGNITIVE LOAD IN REQUIREMENTS ENGINEERING

Authors:

Falak Sher, Shahbaz A.K. Ghayyur

Abstract:

Decision-making is one of the most complex activities in requirements engineering (RE). There are certain factors which affect directly or indirectly to the quality of decision-making. Certain characteristics and guiding principles also exist and theoretically grounded which can play a very important role in improving the quality of decision-making. But, there is a need to improve and evaluate these characteristics and their guiding principles for their effectiveness and prioritization. One of these characteristics is cognitive load that is a major cause for effectiveness of quality of decision-making in RE. It can be reduced by following the guiding principles giving detailed and overview information about the system during decision-making in different phases of RE. Similarly, different techniques also exist in literature which can help in reducing Cognitive Load during decision-making process in RE. However, it is required to evaluate the usefulness of these characteristics in terms of their effectiveness, valuable in a certain context, and their priority in order to increase efficiency. Hence, a survey is conducted in this research in order to evaluate the characteristic of cognitive load and the use of decision support tools, techniques and their effectiveness in making decisions for RE and to reduce cognitive load.

Keywords: Decision Support; Requirements Engineering; Cognitive Load; Decision-Making;
Available: A SURVEY OF DECISION SUPPORT AND COGNITIVE LOAD IN REQUIREMENTS ENGINEERING by Falak Sher, Shahbaz A.K. Ghayyur is available under cc by-nc 4.0 License. Permissions beyond the scope of this license may be available at JSEIS.
Download PDF

Title:

DESIGN OF A SECURE ANDROID CHATTING APPLICATION USING END TO END ENCRYPTION

Authors:

Ammar H. Ali, Ali Makki Sagheer

Abstract:

Smart phones have become an essential part in the life. The most prominent uses are in chatting and conversation applications. Large number of these applications claim that they are providing security, confidentiality and integrity of user’s information. The security and privacy-preserving features of different mobile applications have gone under the spot-light. Yet there are very few mobile chat applications that give an End-to-End security and privacy-preserving service to their clients. In this paper, a secure chatting application with end-to-end encryption for smart phones, that used the android OS, have been proposed. This is achieved by the use of public key cryptography techniques. The proposed application used the ECDH algorithm to generate the key pair and exchanged to produce the shared key that will be used for the encryption of data by symmetric algorithms. The proposed application allows the users to communicate via text messages, voice messages, as well as exchange photos. For the text message security, the standard AES algorithm with a 128 bit key are used. The generated key (160 bit) is minimized to 128 bit length in order to be used by the AES algorithm. For the voice and image security processes the proposed application used the symmetric algorithm RC4. RC4 provides less security than AES but it performs faster and this is required for such types and sizes of data. The idea behind the RC4 attack is the biases in RC4 key streams. Thus, a new shift function is introduced that eliminated the biases as showed in the results, which guarantees the RC4 algorithm with the modification it can be considered secure.

Keywords: Chat Application; End-to-End; ECDH; AES; RC4;
Available: DESIGN OF A SECURE ANDROID CHATTING APPLICATION USING END TO END ENCRYPTION by Ammar H. Ali, Ali Makki Sagheer is available under cc by-nc 4.0 License. Permissions beyond the scope of this license may be available at JSEIS.
Download PDF

Title:

A SURVEY OF SOFTWARE QUALITY METRICS FOR SOFTWARE MEASUREMENT PROCESS

Authors:

Anam Zai, Rawish Butt, Shiza Nawaz

Abstract:

Software measurement process is a process that measures, adjusts, evaluates, and improves the software development process. Software metrics may be used in different models to improve software quality. This paper aims to identify software metrics to increase knowledge of the reasons and effects of using metrics and to evaluate their applicability in software development. Therefore, we use previous studies in the literature in order to describe the fundamental aspects of the software quality metrics. We discussed several metrics of software quality like: product quality, in-process quality, testing quality, and customer satisfaction quality. Process metrics have been seemed more successful in discovering faults as compared to complexity metrics and traditional size.

Keywords: Software Measurement Process; Software Quality; Software Metric; Survey;
Available: A SURVEY OF SOFTWARE QUALITY METRICS FOR SOFTWARE MEASUREMENT PROCESS by Anam Zai, Rawish Butt, Shiza Nawaz is available under cc by-nc 4.0 License. Permissions beyond the scope of this license may be available at JSEIS.
Download PDF

Title:

SEMANTIC WEB REQUIREMENT ENGINEERING BOUNDARIES

Authors:

Muhammad Waseem Chughtai, Farhan Elahi, Nicholas Akosu

Abstract:

Semantic Web is an updated version of existing active web-servers. In recent years, semantic web has become a famous data representation significance due to its remarkable representation and hierarchical exchange of information specialties. From a research perception on web 3.0, the semantic web itself is not enough to identify and organize the functional requirements of hierarchical synchronized knowledge processes (documenting, formulating and maintaining) in appropriate manner. It may need a consistent knowledgeable specification mechanism for visualizing the hierarchical data synchronization in a meaningful and valuable way. Due to such complexity, researchers of W3C inter-operate ontological engineering with semantic web to perk up its hierarchical synchronized knowledge processes and tackle the functional requirement engineering prospectively. The objective of this research paper is to tackle the core information about web engineering, semantic web, and ontology. We also focus on the importance of semantic web ontologies in the requirement engineering for improving the future descriptive web-based systems requirements.

Keywords: Web Engineering; Semantic Web; Ontology; Semantic Web Engineering; Requirement Engineering;
Available: SEMANTIC WEB REQUIREMENT ENGINEERING BOUNDARIES by Muhammad Waseem Chughtai, Farhan Elahi, Nicholas Akosu is available under cc by-nc 4.0 License. Permissions beyond the scope of this license may be available at JSEIS.
Download PDF

Title:

ROLE OF VISUALIZATION IN TACIT KNOWLEDGE: EXTRACTION AND APPLICATIONS IN SOFTWARE REQUIREMENTS

Authors:

Zainab Sultan, Rabiya Abbas, Shahid Nazir Bhatti, Amr Mohsen Jadi

Abstract:

Requirements have a proven role and considered as an important factor in designing and producing good quality software. Further available literature depicts precisely, comprehensively that poorly defined, organized requirements increase the cost of development, time for the development and more importantly leads to software product failure. It is of highest priority and importance for the developers, retailers as well as for the clients to verify that the designed and planned system satisfies their needs or not. In today’s world while designing, developing system, the knowledge extraction becomes an important area for research and key focus in order to compile and share knowledge. In knowledge extraction, explicit and tacit knowledge are the two categories of knowledge. Explicit knowledge is simple to perceive and understand due to its simplicity and clarity. Tacit knowledge is not that easily understandable due to its complex nature and as it resides under the experts’ mind. In this research, we have given enumerated illustrations and account of nature of tacit knowledge and different frameworks. Another vital contribution in this research is that it establishes rules and proposes a framework for tacit knowledge derivations. Further, implementing these proposed rules will help eliciting tacit knowledge without consuming more cost and effort. We have also focused on UI generation via different visualization tools or technologies developed for requirements representation that will be further validated by using case studies and using real events or scenarios data.

Keywords: Knowledge; Tacit Knowledge; Knowledge Extraction; Framework; UI; Visualization;
Available: ROLE OF VISUALIZATION IN TACIT KNOWLEDGE: EXTRACTION AND APPLICATIONS IN SOFTWARE REQUIREMENTS by Zainab Sultan, Rabiya Abbas, Shahid Nazir Bhatti, Amr Mohsen Jadi is available under cc by-nc 4.0 License. Permissions beyond the scope of this license may be available at JSEIS.
Download PDF


Archive

Volume 4:
Issue 1   New
Volume 3:
Issue 3
Issue 2
Issue 1
Volume 2:
Issue 3
Issue 2
Issue 1
Volume 1:
Issue 2
Issue 1
Journal PicsCaomei Publishers © 2016-2019
f t