Presentation is loading. Please wait.

Presentation is loading. Please wait.

PRESENTED BY ESHWARI MENTE, NAVEEN DANTURI, AGASTHESWAR.

Published bySheena Jenkins Modified over 9 years ago

Similar presentations

Presentation on theme: "PRESENTED BY ESHWARI MENTE, NAVEEN DANTURI, AGASTHESWAR."— Presentation transcript:

1 PRESENTED BY ESHWARI MENTE, NAVEEN DANTURI, AGASTHESWAR

2  Dr. Kevin Gary is an associate professor in College of Technology and Innovation at Arizona State University.  His research interests includes:  Software engineering  Systems architecture  Web applications  Databases  Enterprise computing  Image guided surgery  Computational intelligence  Technology supported teaching and learning.

3  IGSTK - Technology assisted surgical procedures  Robotic Notes (Robotic Natural Orifice Transluminal Endoscopic Surgery)  Cochlear Implants  The Software Enterprise Courses offered at ASU: o CSE515-Multimedia & Web Databases o CST533 - DB-centric Enterprise App. Dev o CST 515 - Software Enterprise: Inception and Elaboration

4

5  The software industry is currently experiencing a paradigm shift towards web based software.  There is an impending mismatch between web and software development  Mashware software that leverages source code and software components that are downloaded dynamically from all over the world.  The trend towards Mashware will aggravate the gap between web and software development.

6  First phase: Simple page structured documents  Second phase: Increasingly interactive with graphics, animation and plug–in.  Recent trend is towards desktop-style web applications.

7  A mashup is a web site that combines content from multiple web sites into an integrated experience.  Allows unparalleled sharing and reuse of software, data, layout and visualization information, or any other content across the planet. This increases productivity and reusability.

8  The principles and practices for web development evolved rather independently of the principles and practices for software engineering

9  Software engineering principle violations  Usability and user interaction issues  Networking and security issues  Browser inoperability and incompatibility issues  Development style and testing issues  Deployment model changes  Performance issues.

10  So far, web engineering and software engineering have evolved as separate fields.  It is time to forget the origins of the browser as a document viewing environment and to start treating the Web as a real, full-fledged application platform – one whose capabilities will eventually far exceed those of the earlier software platforms.

11 FINDING EMERGENT PROPERTIES OF WEB APPLICATION DEVELOPMENT PLATFORMS BY ULRICH STÄRK, LUTZ PRECHELT, ILIJA JOLEVSKI

12  “What is a Web Development Framework”  Functions of Web application Framework  Types of frameworks  “What web framework should we use” xkcd.com/292 by Randall Munroe

13  Package to support construction of dynamic web applications.  Alleviating the repetitive overhead of development patterns.  Develop apps compatible with different Browsers.  More sophisticated, interactive, and well- managed

14  Provide Core Functionality.  Promote reusability and pluggability.  Good at organizing large projects.  Program actions and logic are separated from the HTML, CSS and design files.  Implement complex functionalities in efficient manner.  Enforce best coding practices.

15  Model–view–controller (MVC)  Push-based vs. pull-based  Three-tier organization  Content management systems

16 10 BEST FREE WEB APPLICATION FRAMEWORKS Web Application Frameworks Ruby on Rails MVC ruby based framework geared for web application development CodeIgniter Powerful PHP framework with a very small footprint Django Python framework which encourages rapid development and clean design CakePHP MVC rapid application development framework for PHP Zend Framework Simple, straightforward, open-source software framework for PHP 5 Yii High-performance component-based PHP framework Pylons Python web framework emphasizing flexibility and rapid development Catalyst Elegant MVC Web Application Framework Symfony Full-stack framework TurboGears Next generation TurboGears built on Pylons

17 PERFORMANCE COMPARISON  Speed and agility of building applications in Rails.  ROR syntax is more cryptic than that of Perl.  Python with Django combination yields high performance.  PHP with Symfony is the easiest language to code in, has security issues.  Java still chugging on Struts 1.X, JSF is promising. Perl code tends to be small in size.

18

19  Whitepaper will provide a unique insight into the state of web application security  Number of Issues in Web Application penetration test increased in 2011  Most Prevalent issues  Server Misconfiguration  Information Leakage  Cross Scripting effect 2/3 rd and SQL Injection effect 1/5 th applications in 2011  Input Validation Issues have decreased from 2010 to 2011  In General issues identified remains constant indicates “Developers Tend to make Same Issues”

20

21  Server Configuration  Information Leakage  Authentication Weakness  Session Management Weakness  Authorization Weakness  Input Validation Weakness  Encryption Vulnerabilities  Other

22

23

24

25

26

27

28

29

30

31  Injection (SQL, LDAP, XPATH, OS command)  Cross-Site Scripting (XSS)  Broken Authentication and Session Management  Insecure Direct Object References  Cross-Site Request Forgery (CSRF)  Security Misconfiguration  Insecure Cryptographic Storage  Failure to Restrict URL Access  Insufficient Transport Layer Protection  Un-validated Redirects and Forwards

32

33  WWW: World-Wide Web Conference  WebDB: International Workshop on the Web and Databases  WCW: Web Caching Workshop  WIDM: International Workshop on Web Information and Data Management  International Journal of Web Applications  International Journal of Web Services Research

34  http://www.isr.uci.edu/architecture/research.html http://www.isr.uci.edu/architecture/research.html  http://laser.cs.umass.edu/ http://laser.cs.umass.edu/  http://www.cs.umass.edu/faculty/software-systems-and-architecture http://www.cs.umass.edu/faculty/software-systems-and-architecture  Issues, Challenges and Opportunities for Research in Software Engineering by Manish K Anand, Vasudeva Varma Conference on Software Engineering and Applications (SEA 2004), November 09- 1, 2004, MIT Cambridge, USA.  Major Issues in Software Engineering Project Management RICHARD H. THAYER, MEMBER, IEEE, ARTHUR B. PYSTER, MEMBER, IEEE, AND ROGER C. WOOD, MEMBER, IEEE  Web Application Vulnerability Statistics 2010-2011 Alex Hopkins :whitepapers@contextis.com  http://perso.crans.org/~genest/conf.html http://perso.crans.org/~genest/conf.html  http://www.igi-global.com/journal/international-journal-web-services-research/1079 http://www.igi-global.com/journal/international-journal-web-services-research/1079  http://dline.info/ijwa/ http://dline.info/ijwa/  PlatForms 2011: Finding Emergent Properties of Web Application Development Platforms- Ulrich Stärk, Lutz Prechelt, Ilija Jolevski  The Mashware Challenge: Bridging the Gap Between Web Development and Software Engineering - Tommi Mikkonen, Antero Taivalsaari

Download ppt "PRESENTED BY ESHWARI MENTE, NAVEEN DANTURI, AGASTHESWAR."

Similar presentations

Don’t get Stung (An introduction to the OWASP Top Ten Project) Barry Dorrans Microsoft Information Security Tools NEW AND IMPROVED!

Don’t get Stung (An introduction to the OWASP Top Ten Project) Barry Dorrans Microsoft Information Security Tools NEW AND IMPROVED!
{ Model View Controller ASP.NET By Scott Crooks & Maggie Wettergreen.

{ Model View Controller ASP.NET By Scott Crooks & Maggie Wettergreen.
Fabian Vilers Hands on ASP.NET MVC.

Fabian Vilers Hands on ASP.NET MVC.
An Agile Approach for Web Systems Engineering A Presentation of an Article by V.E.S. Souza and R.A. Falbo.

An Agile Approach for Web Systems Engineering A Presentation of an Article by V.E.S. Souza and R.A. Falbo.
DATABASE APPLICATION DEVELOPMENT SAK 3408 The Web and DBMS.

DATABASE APPLICATION DEVELOPMENT SAK 3408 The Web and DBMS.
Kashif Jalal CA-240 (072) Web Development Using ASP.NET CA – 240 Kashif Jalal Welcome to week – 2 of…

Kashif Jalal CA-240 (072) Web Development Using ASP.NET CA – 240 Kashif Jalal Welcome to week – 2 of…
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
CS 290C: Formal Models for Web Software Lecture 1: Introduction Instructor: Tevfik Bultan.

CS 290C: Formal Models for Web Software Lecture 1: Introduction Instructor: Tevfik Bultan.
1 CS6320 – Why Servlets? L. Grewe 2 What is a Servlet? Servlets are Java programs that can be run dynamically from a Web Server Servlets are Java programs.

1 CS6320 – Why Servlets? L. Grewe 2 What is a Servlet? Servlets are Java programs that can be run dynamically from a Web Server Servlets are Java programs.
What is Web Design The term “web design” has come to encompass a number of disciplines, including: Visual (graphic) design User interface and experience.

What is Web Design The term “web design” has come to encompass a number of disciplines, including: Visual (graphic) design User interface and experience.
1 CS428 Web Engineering Lecture 18 Introduction (PHP - I)

1 CS428 Web Engineering Lecture 18 Introduction (PHP - I)
269200 Web Programming Language Dr. Ken Cosh Week 1 (Introduction)

Web Programming Language Dr. Ken Cosh Week 1 (Introduction)
DR. MOHAMMAD IQBAL THANKS TO ADITYA SENGUPTA Comparing Web Frameworks.

DR. MOHAMMAD IQBAL THANKS TO ADITYA SENGUPTA Comparing Web Frameworks.
159.339 Quick Tour of the Web Technologies: The BIG picture LECTURE A bird’s eye view of the different web technologies that we shall explore and study.

Quick Tour of the Web Technologies: The BIG picture LECTURE A bird’s eye view of the different web technologies that we shall explore and study.
WEB DESIGN SOME FOUNDATIONS. SO WHAT IS THIS INTERNET.

WEB DESIGN SOME FOUNDATIONS. SO WHAT IS THIS INTERNET.
Overview of Framework by Ahamed Rifaudeen A. page - i Steps before entering into the Framework?  Basic knowledge of object-oriented programming (OOP)

Overview of Framework by Ahamed Rifaudeen A. page - i Steps before entering into the Framework?  Basic knowledge of object-oriented programming (OOP)
UNIT-V The MVC architecture and Struts Framework.

UNIT-V The MVC architecture and Struts Framework.
Java Server Pages (JSP) Presented by: Ananth Prasad & Alex Ivanov May 10, 2001.

Java Server Pages (JSP) Presented by: Ananth Prasad & Alex Ivanov May 10, 2001.
RUBY ON RAILS It’s so rad. What we’ll cover  What is Ruby?  What is RoR?  Why RoR?  Developing with RoR  Deployment  Demo  Questions.

RUBY ON RAILS It’s so rad. What we’ll cover  What is Ruby?  What is RoR?  Why RoR?  Developing with RoR  Deployment  Demo  Questions.
Ruby on Rails CSCI 6314 David Gaspar Jennifer Garcia Avila.

Ruby on Rails CSCI 6314 David Gaspar Jennifer Garcia Avila.

Similar presentations

Ads by Google