Global ETD Search

41	A testing methodology for the validation of web applications / Une méthodologie de test pour la validation des applications web Morales, Gerardo 13 July 2010 (has links) L'objectif de cette thèse est d'assurer le bon comportement des aspects fonctionnels des systèmes basés sur le web. Pour atteindre cet objectif, nous nous basons dans ce manuscrit, sur deux approches différentes de test: l'approche active et l'approche passive. Le principe du test actif consiste à générer automatiquement une suite de scénarios de tests qui sera appliquée sur un système sous test pour en étudier sa conformité par rapport à ses besoins fonctionnels. Quant au test passif, il consiste à observer passivement le système sous test, sans interrompre le flux normal de ses opérations. Pour l'approche active, nous proposons une méthodologie qui permet de générer automatiquement des séquences de test afin de valider la conformité d'un système par rapport à la description formel du comportement du système. Le comportement est spécifié en utilisant un modèle formel basé sur des machines à états finis étendues temporisées (TEFSM). La génération automatique des tests est ensuite effectuée en utilisant des outils développés dans notre laboratoire et permet d'obtenir des cas de test exécutables qui permettent au moteur de test d'interagir avec une application web réel. Dans l’approche passive, nous spécifions des propriétés fonctionnelles à tester sous la forme d'invariants temporisés.Nous analysons ensuite les traces d’exécution d’un Web service composé afin d’élaborer un verdict sur sa conformité par rapport au comportement souhaité du système. Plusieurs algorithmes et outils sont fournis dans ce manuscrit pour effectuer le test actif et passif des systèmes Web. Nous avons appliqué nos méthodologies à divers systèmes (le Mission Handler et le Travel Reservation Service) pour illustrer les approches proposées sur des systèmes réels / The objective of this thesis is to ensure the proper behaviour of the functional aspects of web based systems. To achieve this goal, we proposed two different test approaches: the active approach and the passive approach. Our goal is to automatically generate a suite of active test scenarios that will be applied on a system under test to examine its compliance with respect to its functional specification, and, when interrupting the normal flow of operation is problematic, to observe the system under test with passive testing. The goal of this work is developing a method and a set of tools to test web based systems using the active and passive testing approaches. Concerning the active testing approach, we present a methodology to cover the end-to-end testing process (from building the model until the test execution). This work tackles the gap between, on the one hand, generating abstract test cases from abstract models and, on the other hand, developing methods allowing concretizing these tests and automatically applying them on a real applications. Then, concerning the passive test approach, we present a methodology and a new tool for observing the behaviour of the communications of the web applications with external web services (for SOA based web applications) in order to check whether the observed behaviour is correct. All the methodologies and tools presented in this work are applied on two industrial case studies, Mission Handler and Travel Reservation Service, in order to validate our contributions in active and passive testing respectively Test passif Test actif Applications web Passive testing Active testing Web applications
42	Database Auto Awesome: Enhancing Database-Centric Web Applications through Informed Code Generation Adams, Jonathan 01 August 2017 (has links) Database Auto Awesome is an approach to enhancing web applications comprised of forms used to interact with stored information. It was inspired by Google's Auto Awesome tool, which provides automatic enhancements for photos. Database Auto Awesome aims to automatically or semi-automatically provide improvements to an application by expanding the functionality of the application and improving the existing code. This thesis describes a tool that gathers information from the application and provides details on how the parts of the application work together. This information provides the details necessary to generate new portions of an application. These enhancements are directed by the web application administrator through specifying what they would like to have generated, in terms of functionality. Once the administrator has provided this direction, the new application code is generated and put in updated or new files. Using this approach, Database Auto Awesome provides a viable solution for semi-automatically generating enhancements to an existing web application. database auto awesome web applications informed code generation Computer Sciences Other Computer Sciences Physical Sciences and Mathematics
43	Säkerhet och integritet i webbapplikationer : En orientering över säker utveckling / Security and Integrity in Web Applications : An orientation of safe development Nordlander, Mikael, Martinsson, Fredrik January 2010 (has links) <p>The use of Web applications is a growing area. While the possibilities and functionalities are increasing, so is the complexity of them, together with the threats against them because the complexity also opens up the application to vulnerabilities. It is therefore important for developers to know how a web application can be developed with security in mind.</p><p>This study’s intention has been to create an introductory documentation of what kind of techniques that exists which can produce higher security, which methods there can be within the development process and what to think about when programming secure web applications. In this paper we have investigated how theoretical manuals in the IT security department handles that area, and interviewed two developers from two different companies to see how they use security in their web applications.</p><p>The study has an exploratory technical perspective and does not explain how to practically use and interconnecting different security-enhancing technologies, but is more suppose to give a first glance at what is available and sow a seed for those interested to continue reading further about the subject. The results of the study was generated through comparison of the theoretical material with the empirical material, to then conclude the most prominent points of what are different and similar between those materials.</p><p>During the study some key points has been revealed for development: Responsibility for safety in the application lies, in the cases we looked at, with the developers to describe the technical possibilities and hence vulnerabilities when the client usually does not possess the same technical skills for that. The customer was, as the cases we studied, often not so proactive on safety and does not value it very high (if it was not a security-critical business such as being involved with defense technology). Because the customer in such cases didn’t put security as high priority, there existed a lack of motivation to spend extra money to combat threats that were not considered significant. In cases where extra recourses were spent on security, a measurement was developed that security should not cost more than the value of what it protects else the cost is unjustified. Finally it is noted that it is technically difficult to protect against human errors that can disarm the security, for example a simple or misplaced password.</p> IT-security web applications web development integrity Säkerhet webbapplikationer utveckling Informatics and systems science Informatik och systemvetenskap
44	Improved Usage Model for Web Application Reliability Testing Wan, Bo 31 July 2012 (has links) Testing the reliability of an application usually requires a good usage model that accurately captures the likely sequences of inputs that the application will receive from the environment. The models being used in the literature are mostly based on Markov chains. They are used to generate test cases that are statistically close to what the applica-tion is expected to receive when in production. In this thesis, we propose a model for reli-ability testing that is created directly from the log file of a web application. Our proposed model is also based on Markov chains and has two components: one component, based on a modified tree, captures the most frequent behaviors, while the other component is another Markov chain that captures infrequent behaviors. The result is a statistically cor-rect model that shows clearly what most users do on the site. The thesis also presents an evaluation method for estimating the accuracy of vari-ous reliability-testing usage models. The method is based on comparison between ob-served users’ traces and traces inferred from the usage model. Our method gauges the accuracy of the reliability-testing usage model by calculating the sum of goodness-of-fit values of each traces and scaling the result between 0 and 1. Finally, we present an experimental study on the log of a real web site and discuss the way to use proposed usage model to generate test sequences, as well as strength and weakness of the model for reliability testing. Web applications Usage models Reliability testing Markov chains Usage model evaluation
45	Analyzing demographic and geographic characteristics of "Cycle Atlanta" smartphone application users Poznanski, Alex Joshua 09 April 2013 (has links) The objective of this research is to analyze how the demographic characteristics and reported home locations of Cycle Atlanta smartphone app users compare to those of cyclists reflected by other datasets. The findings of this research show that the majority of Cycle Atlanta users are young, white males belonging to either a very high annual income group or a low annual income group, with fewer users belonging to middle-income groups. Most of the app's users live in east-side, ``intown' Atlanta neighborhoods. Other cyclist data for the Atlanta area show similar trends, although less pronounced than the trends exhibited by Cycle Atlanta users. Because smartphone apps such as Cycle Atlanta are a fairly recent innovation, there is still a great deal of uncertainty as to how equitably they can gather bicycle data. The research presented in this thesis has the potential to empower transportation planners to plan bicycle facilities that will benefit many different facets of the cycling community in Atlanta. This has the potential to increase the mode share of cycling in cities, which will reduce congestion and promote healthier lifestyles. Community Infrastructure Planning Atlanta Bicycle Data Smartphone Equity Application software Web applications
46	Säkerhet och integritet i webbapplikationer : En orientering över säker utveckling / Security and Integrity in Web Applications : An orientation of safe development Nordlander, Mikael, Martinsson, Fredrik January 2010 (has links) The use of Web applications is a growing area. While the possibilities and functionalities are increasing, so is the complexity of them, together with the threats against them because the complexity also opens up the application to vulnerabilities. It is therefore important for developers to know how a web application can be developed with security in mind. This study’s intention has been to create an introductory documentation of what kind of techniques that exists which can produce higher security, which methods there can be within the development process and what to think about when programming secure web applications. In this paper we have investigated how theoretical manuals in the IT security department handles that area, and interviewed two developers from two different companies to see how they use security in their web applications. The study has an exploratory technical perspective and does not explain how to practically use and interconnecting different security-enhancing technologies, but is more suppose to give a first glance at what is available and sow a seed for those interested to continue reading further about the subject. The results of the study was generated through comparison of the theoretical material with the empirical material, to then conclude the most prominent points of what are different and similar between those materials. During the study some key points has been revealed for development: Responsibility for safety in the application lies, in the cases we looked at, with the developers to describe the technical possibilities and hence vulnerabilities when the client usually does not possess the same technical skills for that. The customer was, as the cases we studied, often not so proactive on safety and does not value it very high (if it was not a security-critical business such as being involved with defense technology). Because the customer in such cases didn’t put security as high priority, there existed a lack of motivation to spend extra money to combat threats that were not considered significant. In cases where extra recourses were spent on security, a measurement was developed that security should not cost more than the value of what it protects else the cost is unjustified. Finally it is noted that it is technically difficult to protect against human errors that can disarm the security, for example a simple or misplaced password. IT-security web applications web development integrity Säkerhet webbapplikationer utveckling Informatics and systems science Informatik och systemvetenskap
47	Ontology Population Using Human Computation Evirgen, Gencay Kemal 01 January 2010 (has links) (PDF) In recent years, many researchers have developed new techniques on ontology population. However, these methods cannot overcome the semantic gap between humans and the extracted ontologies. Words-Around is a web application that forms a user-friendly environment which channels the vast Internet population to provide data towards solving ontology population problem that no known efficient computer algorithms can yet solve. This application&rsquo / s fundamental data structure is a list of words that people naturally link to each other. It displays these lists as a word cloud that is fun to drag around and play with. Users are prompted to enter whatever word comes to their mind upon seeing a word that is suggested from the application&rsquo / s database / or they can search for one word in particular to see what associations other users have made to it. Once logged in, users can view their activity history, which words they were the first to associate, and mark particular words as misspellings or as junk, to help keep the list&rsquo / s structure to be relevant and accurate. The results of this implementation indicate the fact that an interesting application that enables users just to play with its visual elements can also be useful to gather information. QA Computer Software 76.75-76.765
48	Automated Navigation Model Extraction For Web Load Testing Kara, Ismihan Refika 01 December 2011 (has links) (PDF) Web pages serve a huge number of internet users in nearly every area. An adequate testing is needed to address the problems of web domains for more efficient and accurate services. We present an automated tool to test web applications against execution errors and the errors occured when many users connect the same server concurrently. Our tool, called NaMoX, attains the clickables of the web pages, creates a model exerting depth first search algorithm. NaMoX simulates a number of users, parses the developed model, and tests the model by branch coverage analysis. We have performed experiments on five web sites. We have reported the response times when a click operation is eventuated. We have found 188 errors in total. Quality metrics are extracted and this is applied to the case studies. QA Computer Software 76.75-76.765
49	Selected Papers of the International Workshop on Smalltalk Technologies (IWST’10) : Barcelona, Spain, September 14, 2010 January 2010 (has links) The goal of the IWST workshop series is to create and foster a forum around advancements of or experience in Smalltalk. The workshop welcomes contributions to all aspects, theoretical as well as practical, of Smalltalk-related topics. / Zweck der IWST-Workshop-Reihe ist die Formung und Pflege eines Forums fŸr die Diskussion von Fortschritten und Arbeitsergebnissen mit der Programmierumgebung Smalltalk. Der Workshop beinhaltet BeitrŠge zu allen Aspekten von auf Smalltalk bezogenen Arbeiten sowohl theoretischer als auch praktischer Natur. Smalltalk Programmierung Web-Anwendungen Fehlersuche Laufzeitanalyse smalltalk programming web-applications debugging profiling Data processing Computer science
50	Designing security policies and frameworks for web applications Singh, Kapil 24 May 2011 (has links) The new developments behind Web 2.0 have increased the complexity of web systems making the task of securing these systems a challenging problem. As a result, end-to-end security for web access has been hindered by the limitations of current web security policies and by the lack of systems that enable effective enforcement of policies. The focus of this dissertation is on how new tools and frameworks may be designed to aid the protection of web systems by acting as policy specification and enforcement points. In particular, we develop a set of policies and frameworks for three web players--the user, the web browser and the web application--that determine the end-to-end security of web content. Our contributions include a framework for users to specify security policies, a platform to enforce user policies for third-party applications, a systematic analysis of browser policy issues, and a mechanism to provide improved end-to-end security/integrity guarantees. Security policies Web security Web applications Web 2.0 User-generated content Social media

Search results