This document proposes an object-oriented experimental setup for secure web application development using a security performance flexibility (SPF) model with SELinux, a trusted operating system. The SPF model allows administrators to disable some security checks to balance security and performance needs. The paper presents a class diagram for a sample online store application developed using UML 2.0. Sample C++ code is also provided. Results show the SPF model reduces the number of security checks executed in SELinux, improving performance while maintaining security.
A Trusted Integrity verification Architecture for Commodity ComputersEditor IJCATR
Trust is an indispensable part of the computing environment, the validity of any transaction or information depends heavily
on the authenticity of the information source. In this context, many mechanisms for ensuring the authenticity of the information source
were developed, including password verification and biometrics. But as the attacks are directed towards the computing platform and
the applications running on the computer, all these initial security mechanisms are not sufficient. It is essential to ensure before making
a secure transaction that the system is in a good state (or say some authorized state) and maintains its integrity throughout the
execution time. The emergence of the Trusted Platform Module (TPM) has added to the security feature of a computer. Mechanisms
are in place which guarantee system integrity but very little is known about the state of the applications running on them. We propose
a system which notifies the user if the integrity of an application is violated and stops it. Our system also compares the current system
state with a known good value to ensure platform integrity.
Secure System Password (SSP) Application for NT Editor Hacking Tooliosrjce
In windows, the password will be stored in SAM registry by default. This SAM registry hides the
windows password when the system is in ON state. The password in SAM registry will be cleared or changed by
using NT Editor Tool. So that data can be accessed by any user. Security for the windows will be done by the
proposed system as an application. If the user wants to install new OS then the data in the hard disk will be
encrypted for prevention of unauthorized access. The application will be start monitoring to avoid password remodification
or clearing the password. Features in this application is, if the user hacks the application
password, SSP does not allow the users to access USB, Ethernet and CD/DVD drive. Application will stop the
access of the driver ports, until it is re-installed or the password is set right.
EMPLOYEE TRUST BASED INDUSTRIAL DEVICE DEPLOYMENT AND INITIAL KEY ESTABLISHMENTIJNSA Journal
An efficient key management system is required to support cryptography. Most key management systems use either pre-installed shared keys or install initial security parameters using out-of-band channels. These methods create an additional burden for engineers who manage the devices in industrial plants. Hence, device deployment in industrial plants becomes a challenging task in order to achieve security. In this work, we present a device deployment framework that can support key management using the existing trust towards employees in a plant. This approach reduces the access to initial security parameters by employees; rather it helps to bind the trust of the employee with device commissioning. Thus, this approach
presents a unique solution to the device deployment problem. Further, through a proof-of-concept implementation and security analysis using the AVISPA tool, we present that our framework is feasible to implement and satisfies our security objectives.
An efficient key management system is required to support cryptography. Most key management systems use either pre-installed shared keys or install initial security parameters using out-of-band channels. These methods create an additional burden for engineers who manage the devices in industrial plants. Hence, device deployment in industrial plants becomes a challenging task in order to achieve security. In this work, we present a device deployment framework that can support key management using the existing trust towards employees in a plant. This approach reduces the access to initial security parameters by employees; rather it helps to bind the trust of the employee with device commissioning. Thus, this approach presents a unique solution to the device deployment problem. Further, through a proof-of-concept implementation and security analysis using the AVISPA tool, we present that our framework is feasible to implement and satisfies our security objectives.
A Trusted Integrity verification Architecture for Commodity ComputersEditor IJCATR
Trust is an indispensable part of the computing environment, the validity of any transaction or information depends heavily
on the authenticity of the information source. In this context, many mechanisms for ensuring the authenticity of the information source
were developed, including password verification and biometrics. But as the attacks are directed towards the computing platform and
the applications running on the computer, all these initial security mechanisms are not sufficient. It is essential to ensure before making
a secure transaction that the system is in a good state (or say some authorized state) and maintains its integrity throughout the
execution time. The emergence of the Trusted Platform Module (TPM) has added to the security feature of a computer. Mechanisms
are in place which guarantee system integrity but very little is known about the state of the applications running on them. We propose
a system which notifies the user if the integrity of an application is violated and stops it. Our system also compares the current system
state with a known good value to ensure platform integrity.
Secure System Password (SSP) Application for NT Editor Hacking Tooliosrjce
In windows, the password will be stored in SAM registry by default. This SAM registry hides the
windows password when the system is in ON state. The password in SAM registry will be cleared or changed by
using NT Editor Tool. So that data can be accessed by any user. Security for the windows will be done by the
proposed system as an application. If the user wants to install new OS then the data in the hard disk will be
encrypted for prevention of unauthorized access. The application will be start monitoring to avoid password remodification
or clearing the password. Features in this application is, if the user hacks the application
password, SSP does not allow the users to access USB, Ethernet and CD/DVD drive. Application will stop the
access of the driver ports, until it is re-installed or the password is set right.
EMPLOYEE TRUST BASED INDUSTRIAL DEVICE DEPLOYMENT AND INITIAL KEY ESTABLISHMENTIJNSA Journal
An efficient key management system is required to support cryptography. Most key management systems use either pre-installed shared keys or install initial security parameters using out-of-band channels. These methods create an additional burden for engineers who manage the devices in industrial plants. Hence, device deployment in industrial plants becomes a challenging task in order to achieve security. In this work, we present a device deployment framework that can support key management using the existing trust towards employees in a plant. This approach reduces the access to initial security parameters by employees; rather it helps to bind the trust of the employee with device commissioning. Thus, this approach
presents a unique solution to the device deployment problem. Further, through a proof-of-concept implementation and security analysis using the AVISPA tool, we present that our framework is feasible to implement and satisfies our security objectives.
An efficient key management system is required to support cryptography. Most key management systems use either pre-installed shared keys or install initial security parameters using out-of-band channels. These methods create an additional burden for engineers who manage the devices in industrial plants. Hence, device deployment in industrial plants becomes a challenging task in order to achieve security. In this work, we present a device deployment framework that can support key management using the existing trust towards employees in a plant. This approach reduces the access to initial security parameters by employees; rather it helps to bind the trust of the employee with device commissioning. Thus, this approach presents a unique solution to the device deployment problem. Further, through a proof-of-concept implementation and security analysis using the AVISPA tool, we present that our framework is feasible to implement and satisfies our security objectives.
Design of Intrusion Tolerance System based on Service Redundancy LevelIOSRJEEE
The Internet is an open space where a great number of computer systems are connected. Since many services are provided through the Internet, malicious users can easily intrude on any of those systems by using the vulnerabilities of the Internet. Although Intrusion Detection and Prevention System (IDPS) can be used to defend against such malicious activities, it is not always possible to completely protect a targeted system against the attacks. For this reason, Intrusion Tolerance Systems (ITS) has been proposed to maintain services even in threatening environments, where some malicious attacks have intruded into a system successfully. In this paper, we propose a new ITS based upon maintaining a service redundancy level to ensure that all services are properly provided to users even if a malicious intrusions such as VM (virtual machine) escape attack exists. The simulation results show that the proposed scheme can guarantee the operation of every ongoing service by maintaining the service redundancy level of all services
A COMBINATION OF THE INTRUSION DETECTION SYSTEM AND THE OPEN-SOURCE FIREWALL ...IJCNCJournal
There are many security models for computer networks using a combination of Intrusion Detection System and Firewall proposed and deployed in practice. In this paper, we propose and implement a new model of the association between Intrusion Detection System and Firewall operations, which allows Intrusion Detection System to automatically update the firewall filtering rule table whenever it detects a weirdo intrusion. This helps protect the network from attacks from the Internet.
Replication of attacks in a wireless sensor network using ns2eSAT Journals
Abstract A Wireless Sensor Network (WSN) comprises of sovereign sensor devices that are used to supervise physical and environmental conditions like temperature and pressure. The WSN is built of hundreds and thousands of recognizing stations called nodes, where each node consists of one or more sensors having a radio transceiver, an internal/external antenna, a microcontroller and a battery. Wireless sensor networks are the systems that are used to communicate by sensing the behavioral changes and the sensing nodes will collect the data and it will get handled. After data handling, the data will be sent to the receiver. The wireless sensor networks have to be fortified from network attacks especially at unfavorable situations because data can easily be obtained by the attackers. There are also some security protocols being implemented in sensor networks. There are some limitations in a wireless sensor network like they have limited storage capacity, limited capability of processing and limited energy to transmit data. These drawbacks can make wireless sensor network different from other networks. The imitation of the attacks are done in the NS2 simulator. By imitating, the performance of the network can be monitored. Keywords: Network Security, Wireless, Sensor, Internet, System Security, Simulator, NS2, Simulation of attacks.
Generic Security Framework for Multiple Heterogeneous Virtual InfrastructuresIJRES Journal
Virtualization continues to take center stage at IT industry, yet many organizations are finding it difficult to secure virtualized environments. Security is a critical component in the growing IT system surrounding virtualization. Many organizations find the security challenges associated with virtualization to be a major hurdle, companies of all kinds across all industries are looking towards addressing business and security needs in the virtual infrastructure. There are many research work done before about how to check the compliance status of the cloud platform, not of the virtual machines running on the platform. This paper proposes the security framework for multiple heterogeneous virtual machines which assess the compliance security of the virtual machines. In this paper we make use of REST APIs, using which we create remote session on the virtual machines and fetch the machine values which will be parsed to get the required values for assessment.
Design of Intrusion Tolerance System based on Service Redundancy LevelIOSRJEEE
The Internet is an open space where a great number of computer systems are connected. Since many services are provided through the Internet, malicious users can easily intrude on any of those systems by using the vulnerabilities of the Internet. Although Intrusion Detection and Prevention System (IDPS) can be used to defend against such malicious activities, it is not always possible to completely protect a targeted system against the attacks. For this reason, Intrusion Tolerance Systems (ITS) has been proposed to maintain services even in threatening environments, where some malicious attacks have intruded into a system successfully. In this paper, we propose a new ITS based upon maintaining a service redundancy level to ensure that all services are properly provided to users even if a malicious intrusions such as VM (virtual machine) escape attack exists. The simulation results show that the proposed scheme can guarantee the operation of every ongoing service by maintaining the service redundancy level of all services
A COMBINATION OF THE INTRUSION DETECTION SYSTEM AND THE OPEN-SOURCE FIREWALL ...IJCNCJournal
There are many security models for computer networks using a combination of Intrusion Detection System and Firewall proposed and deployed in practice. In this paper, we propose and implement a new model of the association between Intrusion Detection System and Firewall operations, which allows Intrusion Detection System to automatically update the firewall filtering rule table whenever it detects a weirdo intrusion. This helps protect the network from attacks from the Internet.
Replication of attacks in a wireless sensor network using ns2eSAT Journals
Abstract A Wireless Sensor Network (WSN) comprises of sovereign sensor devices that are used to supervise physical and environmental conditions like temperature and pressure. The WSN is built of hundreds and thousands of recognizing stations called nodes, where each node consists of one or more sensors having a radio transceiver, an internal/external antenna, a microcontroller and a battery. Wireless sensor networks are the systems that are used to communicate by sensing the behavioral changes and the sensing nodes will collect the data and it will get handled. After data handling, the data will be sent to the receiver. The wireless sensor networks have to be fortified from network attacks especially at unfavorable situations because data can easily be obtained by the attackers. There are also some security protocols being implemented in sensor networks. There are some limitations in a wireless sensor network like they have limited storage capacity, limited capability of processing and limited energy to transmit data. These drawbacks can make wireless sensor network different from other networks. The imitation of the attacks are done in the NS2 simulator. By imitating, the performance of the network can be monitored. Keywords: Network Security, Wireless, Sensor, Internet, System Security, Simulator, NS2, Simulation of attacks.
Generic Security Framework for Multiple Heterogeneous Virtual InfrastructuresIJRES Journal
Virtualization continues to take center stage at IT industry, yet many organizations are finding it difficult to secure virtualized environments. Security is a critical component in the growing IT system surrounding virtualization. Many organizations find the security challenges associated with virtualization to be a major hurdle, companies of all kinds across all industries are looking towards addressing business and security needs in the virtual infrastructure. There are many research work done before about how to check the compliance status of the cloud platform, not of the virtual machines running on the platform. This paper proposes the security framework for multiple heterogeneous virtual machines which assess the compliance security of the virtual machines. In this paper we make use of REST APIs, using which we create remote session on the virtual machines and fetch the machine values which will be parsed to get the required values for assessment.
Metric for Evaluating Availability of an Information System : A Quantitative ...IJNSA Journal
The purpose of the paper is to present a metric for availability based on the design of the information
system. The availability metric proposed in this paper is twofold, based on the operating program and
network delay metric of the information system (For the local bound component composition the
availability metric is purely based on the software/operating program, for the remote bound component
composition the metric incorporates the delay metric of the network). The aim of the paper is to present a
quantitative availability metric derived from the component composition of an Information System, based
on the dependencies among the individual measurable components of the system. The metric is used for
measuring and evaluating availability of an information system from the security perspective, the
measurements may be done during the design phase or may also be done after the system is fully
functional. The work in the paper provides a platform for further research regarding the quantitative
security metric (based on the components of an information system i.e. user, hardware, operating
program and the network.) for an information system that addresses all the attributes of information and
network security.
An Investigation of Using Privilege Level System to Restrict Employers for Us...CSCJournals
This paper provides the security level for employees in the organization that prevents them to use or to browse some website that are not allowed to be seen during work time. However, there are many ready software tools have available which do the same task, but we will try finding a new algorithm to investigate the better solution for this research question. The main reason of our research is to provide an open source software that can be easily manipulated by providers rather than ready software. For example, tools that cannot be updated by the organization administrator (none open source software).
International Journal of Engineering and Science Invention (IJESI)inventionjournals
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
1 hour ago
Srinivas Goud Thadakapally
week 3 discussion
COLLAPSE
Top of Form
Separation in a network is essential, of course. It would be more annoyed with that much knowledgeability and security features if it were only about security. However, it makes this network much more flexible, and in some ways makes it more secure. It reduces the potential for internal and external attacks on the same network and makes it harder for someone to take over the network. Furthermore, this separation keeps our data away from third parties. Separation of access is essential in a network, for example, to ensure that a user cannot access the whole network. It is common for specific applications and software installations on the personal computer to operate in the background. In this regard, it is possible to customize the software operating mode to make the software operation hidden to not be visible to the user. No one server or group of servers is going to have to withstand many other servers. The first line of defense in any IT environment is resource partitioning to enable critical infrastructure to handle all requests without overloading the primary server (Jaeger et al., 2016).
Separation is basically the process of using multiple processes with some type of separation for Process separation of access to objects and data. Separation (or transient segregation) can occur in both physical and logical network segments. The trick with security is to keep it away from the IT infrastructure. For example, a firewall is still strictly considered a technical security tool because it is not supposed to affect business activities. it is possible to separate administrative control, physical systems, and data between those with different roles within the organization. The behavior within the network is like partitioning an IT environment into discrete services, although some elements of this concept have not been adopted in Active Directory–in particular, policies and modules. A system administrator can move control of the administrative control of physical systems or systems within the network to a different server. However, when implementing security controls on deployments, it becomes essential to understand the scale at which the resources need to be distributed. Simply put, separation makes IT more secure (Liu et al., 2019).
References
Jaeger, B., Kraft, R., Luhn, S., Selzer, A., & Waldmann, U. (2016, August). Access Control and Data Separation Metrics in Cloud Infrastructures. In 2016 11th International Conference on Availability, Reliability, and Security (ARES) (pp. 205-210). IEEE.
Liu, W., Zhang, K., Tu, B., & Lin, K. (2019, August). HyperPS: A Hypervisor Monitoring Approach Based on Privilege Separation. In 2019 IEEE 21st International Conference on High-Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems (HPCC/SmartCity/DSS) (pp. 981-988). IEEE.
Bott.
1 hour ago
Srinivas Goud Thadakapally
week 3 discussion
COLLAPSE
Top of Form
Separation in a network is essential, of course. It would be more annoyed with that much knowledgeability and security features if it were only about security. However, it makes this network much more flexible, and in some ways makes it more secure. It reduces the potential for internal and external attacks on the same network and makes it harder for someone to take over the network. Furthermore, this separation keeps our data away from third parties. Separation of access is essential in a network, for example, to ensure that a user cannot access the whole network. It is common for specific applications and software installations on the personal computer to operate in the background. In this regard, it is possible to customize the software operating mode to make the software operation hidden to not be visible to the user. No one server or group of servers is going to have to withstand many other servers. The first line of defense in any IT environment is resource partitioning to enable critical infrastructure to handle all requests without overloading the primary server (Jaeger et al., 2016).
Separation is basically the process of using multiple processes with some type of separation for Process separation of access to objects and data. Separation (or transient segregation) can occur in both physical and logical network segments. The trick with security is to keep it away from the IT infrastructure. For example, a firewall is still strictly considered a technical security tool because it is not supposed to affect business activities. it is possible to separate administrative control, physical systems, and data between those with different roles within the organization. The behavior within the network is like partitioning an IT environment into discrete services, although some elements of this concept have not been adopted in Active Directory–in particular, policies and modules. A system administrator can move control of the administrative control of physical systems or systems within the network to a different server. However, when implementing security controls on deployments, it becomes essential to understand the scale at which the resources need to be distributed. Simply put, separation makes IT more secure (Liu et al., 2019).
References
Jaeger, B., Kraft, R., Luhn, S., Selzer, A., & Waldmann, U. (2016, August). Access Control and Data Separation Metrics in Cloud Infrastructures. In 2016 11th International Conference on Availability, Reliability, and Security (ARES) (pp. 205-210). IEEE.
Liu, W., Zhang, K., Tu, B., & Lin, K. (2019, August). HyperPS: A Hypervisor Monitoring Approach Based on Privilege Separation. In 2019 IEEE 21st International Conference on High-Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems (HPCC/SmartCity/DSS) (pp. 981-988). IEEE.
Bott.
Content-Based Image Retrieval (CBIR) systems have been used for the searching of relevant images in various research areas. In CBIR systems features such as shape, texture and color are used. The extraction of features is the main step on which the retrieval results depend. Color features in CBIR are used as in the color histogram, color moments, conventional color correlogram and color histogram. Color space selection is used to represent the information of color of the pixels of the query image. The shape is the basic characteristic of segmented regions of an image. Different methods are introduced for better retrieval using different shape representation techniques; earlier the global shape representations were used but with time moved towards local shape representations. The local shape is more related to the expressing of result instead of the method. Local shape features may be derived from the texture properties and the color derivatives. Texture features have been used for images of documents, segmentation-based recognition,and satellite images. Texture features are used in different CBIR systems along with color, shape, geometrical structure and sift features.
The cyber attacks have become most prevalent in the past few years. During this time, attackers have discovered new vulnerabilities to carry out malicious activities on the internet. Both the clients and the servers have been victimized by the attackers. Clickjacking is one of the attacks that have been adopted by the attackers to deceive the innocuous internet users to initiate some action. Clickjacking attack exploits one of the vulnerabilities existing in the web applications. This attack uses a technique that allows cross domain attacks with the help of userinitiated clicks and performs unintended actions. This paper traces out the vulnerabilities that make a website vulnerable to clickjacking attack and proposes a solution for the same.
Performance Analysis of Audio and Video Synchronization using Spreaded Code D...Eswar Publications
The audio and video synchronization plays an important role in speech recognition and multimedia communication. The audio-video sync is a quite significant problem in live video conferencing. It is due to use of various hardware components which introduces variable delay and software environments. The objective of the synchronization is used to preserve the temporal alignment between the audio and video signals. This paper proposes the audio-video synchronization using spreading codes delay measurement technique. The performance of the proposed method made on home database and achieves 99% synchronization efficiency. The audio-visual
signature technique provides a significant reduction in audio-video sync problems and the performance analysis of audio and video synchronization in an effective way. This paper also implements an audio- video synchronizer and analyses its performance in an efficient manner by synchronization efficiency, audio-video time drift and audio-video delay parameters. The simulation result is carried out using mat lab simulation tools and simulink. It is automatically estimating and correcting the timing relationship between the audio and video signals and maintaining the Quality of Service.
Due to the availability of complicated devices in industry, models for consumers at lower cost of resources are developed. Home Automation systems have been developed by several researchers. The limitations of home automation includes complexity in architecture, higher costs of the equipment, interface inflexibility. In this paper as we have proposed, the working protocol of PIC 16F72 technology is which is secure, cost efficient, flexible that leads to the development of efficient home automation systems. The system is operational to control various home appliances like fans, Bulbs, Tube light. The following paper describes about components used and working of all components connected. The home automation system makes use of Android app entitled “Home App” which gives
flexibility and easy to use GUI.
Semantically Enchanced Personalised Adaptive E-Learning for General and Dysle...Eswar Publications
E-learning plays an important role in providing required and well formed knowledge to a learner. The medium of e- learning has achieved advancement in various fields such as adaptive e-learning systems. The need for enhancing e-learning semantically can enhance the retrieval and adaptability of the learning curriculum. This paper provides a semantically enhanced module based e-learning for computer science programme on a learnercentric perspective. The learners are categorized based on their proficiency for providing personalized learning environment for users. Learning disorders on the platform of e-learning still require lots of research. Therefore, this paper also provides a personalized assessment theoretical model for alphabet learning with learning objects for
children’s who face dyslexia.
Agriculture plays an important role in the economy of our country. Over 58 percent of the rural households depend on the agriculture sector as their means of livelihood. Agriculture is one of the major contributors to Gross Domestic Product(GDP). Seeds are the soul of agriculture. This application helps in reducing the time for the researchers as well as farmers to know the seedling parameters. The application helps the farmers to know about the percentage of seedlings that will grow and it is very essential in estimating the yield of that particular crop. Manual calculation may lead to some error, to minimize that error, the developed app is used. The scientist and farmers require the app to know about the physiological seed quality parameters and to take decisions regarding their farming activities. In this article a desktop app for seed germination percentage and vigour index calculation are developed in PHP scripting language.
What happens when adaptive video streaming players compete in time-varying ba...Eswar Publications
Competition among adaptive video streaming players severely diminishes user-QoE. When players compete at a bottleneck link many do not obtain adequate resources. This imbalance eventually causes ill effects such as screen flickering and video stalling. There have been many attempts in recent years to overcome some of these problems. However, added to the competition at the bottleneck link there is also the possibility of varying network bandwidth which can make the situation even worse. This work focuses on such a situation. It evaluates current heuristic adaptive video players at a bottleneck link with time-varying bandwidth conditions. Experimental setup includes the TAPAS player and emulated network conditions. The results show PANDA outperforms FESTIVE, ELASTIC and the Conventional players.
WLI-FCM and Artificial Neural Network Based Cloud Intrusion Detection SystemEswar Publications
Security and Performance aspects of cloud computing are the major issues which have to be tended to in Cloud Computing. Intrusion is one such basic and imperative security problem for Cloud Computing. Consequently, it is essential to create an Intrusion Detection System (IDS) to detect both inside and outside assaults with high detection precision in cloud environment. In this paper, cloud intrusion detection system at hypervisor layer is developed and assesses to detect the depraved activities in cloud computing environment. The cloud intrusion detection system uses a hybrid algorithm which is a fusion of WLI- FCM clustering algorithm and Back propagation artificial Neural Network to improve the detection accuracy of the cloud intrusion detection system. The proposed system is implemented and compared with K-means and classic FCM. The DARPA’s KDD cup dataset 1999 is used for simulation. From the detailed performance analysis, it is clear that the proposed system is able to detect the anomalies with high detection accuracy and low false alarm rate.
Spreading Trade Union Activities through Cyberspace: A Case StudyEswar Publications
This report present the outcome of an investigative research conducted to examine the modu-operandi of academic staff union of polytechnics (ASUP) YabaTech. The investigation covered the logistics and cost implication for spreading union activities among members. It was discovered that cost of management and dissemination of information to members was at high side, also logistics problem constitutes to loss of information in transit hence cut away some members from union activities. To curtail the problem identified, we proposed the
design of secure and dynamic website for spreading union activities among members and public. The proposed system was implemented using HTML5 technology, interface frameworks like Bootstrap and j query which enables the responsive feature of the application interface. The backend was designed using PHPMYSQL. It was discovered from the evaluation of the new system that cost of managing information has reduced considerably, and logistic problems identified in the old system has become a forgotten issue.
Identifying an Appropriate Model for Information Systems Integration in the O...Eswar Publications
Nowadays organizations are using information systems for optimizing processes in order to increase coordination and interoperability across the organizations. Since Oil and Gas Industry is one of the large industries in whole of the world, there is a need to compatibility of its Information Systems (IS) which consists three categories of systems: Field IS, Plant IS and Enterprise IS to create interoperability and approach the
optimizing processes as its result. In this paper we introduce the different models of information systems integration, identify the types of information systems that are using in the upstream and downstream sectors of petroleum industry, and finally based on expert’s opinions will identify a suitable model for information systems integration in this industry.
Link-and Node-Disjoint Evaluation of the Ad Hoc on Demand Multi-path Distance...Eswar Publications
This work illustrates the AOMDV routing protocol. Its ancestor, the AODV routing protocol is also described. This tutorial demonstrates how forward and reverse paths are created by the AOMDV routing protocol. Loop free paths formulation is described, together with node and link disjoint paths. Finally, the performance of the AOMDV routing protocol is investigated along link and node disjoint paths. The WSN with the AOMDV routing protocol using link disjoint paths is better than the WSN with the AOMDV routing protocol using node disjoint paths for energy consumption.
Bridging Centrality: Identifying Bridging Nodes in Transportation NetworkEswar Publications
To identify the importance of node of a network, several centralities are used. Majority of these centrality measures are dominated by components' degree due to their nature of looking at networks’ topology. We propose a centrality to identification model, bridging centrality, based on information flow and topological aspects. We apply bridging centrality on real world networks including the transportation network and show that the nodes distinguished by bridging centrality are well located on the connecting positions between highly connected regions. Bridging centrality can discriminate bridging nodes, the nodes with more information flowed through them and locations between highly connected regions, while other centrality measures cannot.
Now a days we are living in an era of Information Technology where each and every person has to become IT incumbent either intentionally or unintentionally. Technology plays a vital role in our day to day life since last few decades and somehow we all are depending on it in order to obtain maximum benefit and comfort. This new era equipped with latest advents of technology, enlightening world in the form of Internet of Things (IoT). Internet of things is such a specified and dignified domain which leads us to the real world scenarios where each object can perform some task while communicating with some other objects. The world with full of devices, sensors and other objects which will communicate and make human life far better and easier than ever. This paper provides an overview of current research work on IoT in terms of architecture, a technology used and applications. It also highlights all the issues related to technologies used for IoT, after the literature review of research work. The main purpose of this survey is to provide all the latest technologies, their corresponding
trends and details in the field of IoT in systematic manner. It will be helpful for further research.
Automatic Monitoring of Soil Moisture and Controlling of Irrigation SystemEswar Publications
In past couple of decades, there is immediate growth in field of agricultural technology. Utilization of proper method of irrigation by drip is very reasonable and proficient. A various drip irrigation methods have been proposed, but they have been found to be very luxurious and dense to use. The farmer has to maintain watch on irrigation schedule in the conventional drip irrigation system, which is different for different types of crops. In remotely monitored embedded system for irrigation purposes have become a new essential for farmer to accumulate his energy, time and money and will take place only when there will be requirement of water. In this approach, the soil test for chemical constituents, water content, and salinity and fertilizer requirement data collected by wireless and processed for better drip irrigation plan. This paper reviews different monitoring systems and proposes an automatic monitoring system model using Wireless Sensor Network (WSN) which helps the farmer to improve the yield.
Multi- Level Data Security Model for Big Data on Public Cloud: A New ModelEswar Publications
With the advent of cloud computing the big data has emerged as a very crucial technology. The certain type of cloud provides the consumers with the free services like storage, computational power etc. This paper is intended to make use of infrastructure as a service where the storage service from the public cloud providers is going to leveraged by an individual or organization. The paper will emphasize the model which can be used by anyone without any cost. They can store the confidential data without any type of security issue, as the data will be altered
in such a way that it cannot be understood by the intruder if any. Not only that but the user can retrieve back the original data within no time. The proposed security model is going to effectively and efficiently provide a robust security while data is on cloud infrastructure as well as when data is getting migrated towards cloud infrastructure or vice versa.
Impact of Technology on E-Banking; Cameroon PerspectivesEswar Publications
The financial services industry is experiencing rapid changes in services delivery and channels usage, and financial companies and users of financial services are looking at new technologies as they emerge and deciding whether or not to embrace them and the new opportunities to save and manage enormous time, cost and stress.
There is no doubt about the favourable and manifold impact of technology on e-banking as pictured in this review paper, almost all banks are with the least and most access e-banking Technological equipments like ATMs and Cards. On the other Hand cheap and readily available technology has opened a favourable competition in ebanking services business with a lot of wide range competitors competing with Commercial Banks in Cameroon in providing digital financial services.
Classification Algorithms with Attribute Selection: an evaluation study using...Eswar Publications
Attribute or feature selection plays an important role in the process of data mining. In general the data set contains more number of attributes. But in the process of effective classification not all attributes are relevant.
Attribute selection is a technique used to extract the ranking of attributes. Therefore, this paper presents a comparative evaluation study of classification algorithms before and after attribute selection using Waikato Environment for Knowledge Analysis (WEKA). The evaluation study concludes that the performance metrics of the classification algorithm, improves after performing attribute selection. This will reduce the work of processing irrelevant attributes.
Mining Frequent Patterns and Associations from the Smart meters using Bayesia...Eswar Publications
In today’s world migration of people from rural areas to urban areas is quite common. Health care services are one of the most challenging aspect that is must require to the people with abnormal health. Advancements in the technologies lead to build the smart homes, which contains various sensor or smart meter devices to automate the process of other electronic device. Additionally these smart meters can be able to capture the daily activities of the patients and also monitor the health conditions of the patients by mining the frequent patterns and
association rules generated from the smart meters. In this work we proposed a model that is able to monitor the activities of the patients in home and can send the daily activities to the corresponding doctor. We can extract the frequent patterns and association rules from the log data and can predict the health conditions of the patients and can give the suggestions according to the prediction. Our work is divided in to three stages. Firstly, we used to record the daily activities of the patient using a specific time period at three regular intervals. Secondly we applied the frequent pattern growth for extracting the association rules from the log file. Finally, we applied k means clustering for the input and applied Bayesian network model to predict the health behavior of the patient and precautions will be given accordingly.
Network as a Service Model in Cloud Authentication by HMAC AlgorithmEswar Publications
Resource pooling on internet-based accessing on use as pay environmental technology and ruled in IT field is the
cloud. Present, in every organization has trusted the web, however, the information must flow but not hold the
data. Therefore, all customers have to use the cloud. While the cloud progressing info by securing-protocols. Third
party observing and certain circumstances directly stale in flow and kept of packets in the virtual private cloud.
Global security statistics in the year 2017, hacking sensitive information in cloud approximately maybe 75.35%,
and the world security analyzer said this calculation maybe reached to 100%. For this cause, this proposed
research work concentrates on Authentication-Message-Digest-Key with authentication in routing the Network as
a Service of packets in OSPF (Open Shortest Path First) implementing Cloud with GNS3 has tested them to
securing from attackers.
Microstrip patch antennas are recently used in wireless detection applications due to their low power consumption, low cost, versatility, field excitation, ease of fabrication etc. The microstrip patch antennas are also called as printed antennas which is suffer with an array elements of antenna and narrow bandwidth. To overcome the above drawbacks, Flame Retardant Material is used as the substrate. Rectangular shape of microstrip patch antenna with FR4 material as the substrate which is more suitable for the explosive detection applications. The proposed printed antenna was designed with the dimension of 60 x 60 mm2. FR-4 material has a dielectric constant value of 4.3 with thickness 1.56 mm, length and width 60 mm and 60 mm respectively. One side of the substrate contains the ground plane of dimensions 60 x60 mm2 made of copper and the other side of the substrate contains the patch which have dimensions 34 x 29 mm2 and thickness 0.03mm which is also made of copper. RMPA without slot, Vertical slot RMPA, Double horizontal slot RMPA and Centre slot RMPA structures were
designed and the performance of the antennas were analysed with various parameters such as gain, directivity, Efield, VSWR and return loss. From the performance analysis, double horizontal slot RMPA antenna provides a better result and it provides maximum gain (8.61dB) and minimum return loss (-33.918dB). Based on the E-field excitation value the SEMTEX explosive material is detected and it was simulated using CST software.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Object Oriented Secure Modeling using SELinux Trusted Operating System
1. Int. J. Advanced Networking and Applications
Volume: 09 Issue: 04 Pages: 3492-3497(2018) ISSN: 0975-0290
3492
Object Oriented Secure Modeling using SELinux
Trusted Operating System
Dr. Nitish Pathak1
*
1
Bharati Vidyapeeth's Institute of Computers Applications and Management (BVICAM),
Guru Gobind Singh Indraprastha University (GGSIPU), New Delhi, India
Email: nitishforyou@gmail.com
Neelam Sharma
2
MAIT, Guru Gobind Singh Indraprastha University (GGSIPU), New Delhi, India
-------------------------------------------------------------------ABSTRACT----------------------------------------------------------------
This research paper proposes the object oriented experimental setup for secure web application development and
use of security performance flexibility model to keep high security in web applications. This model allows system
administrators to skip or disable some unnecessary security checks in distributed trusted operating systems
through which they can effectively balance their performance needs without compromising the security of the
system. For example, system admin can tell that video on demand server is allowed to skip only security checks
on reading files, while database server is allowed to skip only security checks on seeking files. Which operation is
need to be skipped and which operation is not need to be skipped is very much subjective in nature, this will
depend upon the user’s requirement and the particular application’s requirement. The selection of these
operations and system calls for a particular application is the part of software requirement elicitation process.
This UML 2.0 based research work proposes object-oriented class-based software development, source code
generation in C++ and the integration of security engineering into a model-driven software development.
Keywords: SELinux, SPF, Forward engineering, DTOS, UML 2.0
--------------------------------------------------------------------------------------------------------------------------------------------------
Date of Submission: Jan 03, 2018 Date of Acceptance: Jan 23, 2018
--------------------------------------------------------------------------------------------------------------------------------------------------
I. INTRODUCTION
In the last decade, there has been vast growth in the field
of networking, sharing of data worldwide. And then comes
the most extensively used thing Internet have made cyber
security a very crucial aspect of research and development.
Its matter of concern for both the common users and
researchers connected all over the world. Despite of lot of
works undergoing we are still unable to get something that
reliable and silver bullet that it may provide us with
complete security for our systems. Being so advanced we
still lack the basic potential to create such a system that is
capable of stopping viruses and accessing our confidential
data from our systems [1]. The security methods
developed, researched till yet are implemented in the
application layer of the computers which is making our
systems more prone to data insecurity. These methods
includes encryption using a key i.e. cryptography, using
firewalls, access control using authentication, and
application layer access control. The most two burning
domains are Cryptography and authentication techniques
in which max research is being done. Although these are
something very difficult to crack but no one knows the
dynamic minds making some of probability of data
insecurity [2]. To some extent using firewalls and
application layer access control have helped us but they do
have a drawback. These two techniques can help in
stopping the attacks using viruses uploaded on internet but
fails to protect from internal security issue thus finally
making our system vulnerable [3].
The biggest threat to our application layer is viruses and
Trojan Horses. Once these two enters in our system they
have the potential to access and even modify each and
every data present on the system. Now these days, to
overcome the threats operating system application layer
and the network entry points is used to implement the
security measures. Although no preventive measures are
used inside the kernel of Operating Systems. It is believed
that security measures in kernel are much more effective
than the application layer [4]. In fact, after lot of research
such operating systems have been developed which have
much more mechanisms inside the OS kernel providing us
very good level of security thus securing our systems [5].
In reality, trusted operating systems are better choice for
web applications to maintain the security concern, but this
security will come at a cost. By using trusted systems, our
web application will be more and more secure, but due to
more security checks, the performance of the same system
will disgrace in all respect [6].
The Security is not something expected not only by big
organizations but also by common consumers so now
concerns are being there on this and many vendors are
trying hard to fix the issue. The companies which came up
with some promising operating systems with security
features are Argus-Systems Group, HP, and Sun
Microsystems [7]. Open Source OS are also providing
well secured kernel having excellent security features and
commonly known as secure systems, operating systems.
National Security Agency has released the most secured
and that too open source operating system called as SEL
Linux. Proper definitions of secure system vary from
organization to organization [8]. These secure Systems are
more complex for computer administrators to handle and
manage. Such secure Systems require much more extra
2. Int. J. Advanced Networking and Applications
Volume: 09 Issue: 04 Pages: 3492-3497(2018) ISSN: 0975-0290
3493
effort and time to setup the desired security policy on the
part of administrator [9]. The implementation of security
policies, as per the requirement of user, is very complex in
such systems. In this research paper, we are suggesting
SEL Linux trusted operating systems for maintaining the
security concern in web applications[10][11].
In the proposed design and development, we are using
UML2.0 based conceptual modeling for the development
of secure application. It makes the programming simpler,
more effective and manageable [12]. This research work
proposes SPF based secure software analysis, SPF based
secure software design and SPF based secure software
development. Far above the ground, quality of software
design is necessary for the success of software [13].
II. TRUSTED OPERATING SYSTEM BASED
SECURE WEB APPLICATIONS
The essential structural design of this operating system is
shown in Fig.1. Just for a reminder to the readers;
architecture is just a concept although implementation can
be done in a lot of ways. The architecture of traditional
operating systems is given in Fig. 1(a). System call
interface helps the application and middleware interface to
communicate with the Operating System [14].
(a)Ordinary
operating systems
(b) Proposed structure of trusted
operating systems
Fig. 1: Structure of trusted operating systems and ordinary
operating systems.
Fig. 1.(a), Illustrating thin or slim security layer of
operating systems kernel security checks. Now in order to
provide higher security, lots of security checks are there in
kernel of Trusted Operating Systems. Fig. 1(b)
demonstrates the additional security checks in the kernel.
This will cause trusted operating systems to be slower than
standard operating systems [15]. Fig.1 (b) clearly depicts
the thicker layer of kernel security checks. What all
security measures are being taken in the kernel security
check depends all on implementation and modeling. But
the disadvantage of having extra security check is that
whenever user tries to do any useful work it need to
undergo all the checks thus deteriorating the system
overall performance[16][17].
III. PROBLEM EXPLANATION AND OBJECT
ORIENTED SOLUTION METHODOLOGY
Before moving into the problem, we are dealing, first we
will be talking about the basic principles of Secure
Operating Systems. As was mentioned previously, the
term Trusted OS is interpreted differently and vary from
one company to another software company. During system
programming, company develops the system software
according to the requirement of end users. But there are
some important features in all Trusted Operating Systems.
They are as follows Least Privilege, Mandatory Access
Control (MAC), Discretionary Access Control (DAC) and
auditing [18][21].
For example, admin of the system can disable all the read
checks in web server because they are actually useless
which finally increases throughput of the web server. Web
server deals with sole public data and public information.
Since majority of data is public on any web server, task of
checking it during read from disk is something useless
because this data is already readable by each and every
user using internet [19]. The real task of security comes
when it comes to writing access. For any web server
integrity is the main issue rather than its confidentiality.
As we had stated that there are many types of workloads
that are continuously being checked by the security
mechanisms of kernel in which many of them are very
much useless or undesired in a Trusted Operating System.
Primary concern of these workloads is quality as well as
integrity of data rather than security of certain operations
since the data they consist can be public [20]. This let us
conclude that by disabling security measures of some parts
of OS performance can be increased.
The essential structural design of distributed trusted
operating systems (DTOS) and Flask is revealed in Figure
2. Unlike the conventional methods of adding more and
more security layers at the kernel level, we are suggesting
two supplementary or extra subsystems in this structural
design. The responsibility of object manager in this model
is to call the security server each time whenever a system
user tries to access an object. Particular security server
confirms the security pattern and informs the respective
object manager if permission for requested operation is
granted or denied. In this design approach we have to
notice that the security server is not at all the component
of the kernel. It is a different and separate part that can be
called as per requirement, by the kernel. These different
modules of the security server also can be altered or
changed. This is the main reason that’s why DTOS as well
3. Int. J. Advanced Networking and Applications
Volume: 09 Issue: 04 Pages: 3492-3497(2018) ISSN: 0975-0290
3494
as Flask both are built and implemented upon kernels.
Almost security policies can be implemented if we
consider security server as a separate part or separate
module. These separate modules can be easily modified as
per web applications requirement. This is not hard and fast
that security need always will be unchanging or statically
placed within the kernel. These security needs and
implementation will vary from one real life application to
another.
The implementations of web application for maintain the
security is very much subjective in nature. The security
requirement for the same will depend upon the user’s
needs. The object manager all the time calls the security
server for checking the granted permissions. If security
server grants permission for particular operations, then ok,
operation or specific system call will be passed to kernel
layer for execution. If permission is not granted, requested
operations will not execute.
Fig. 2: Flexible security policy architecture for trusted operating systems
The security features and security policies can be altered,
as per need, dynamically as the system is in execution
phase. Security layer will execute the security checks
according to new altered security policies. In order to
boost performance in DTOS as well as in Flask, security
policy caching was recommended as a means to strengthen
performance. The mainly referenced security checks are
stored in a software-implemented cache, located in the
module of object manager. This can surely increase the
performance of systems. By caching recent security
policies in the object manager, few parts of the security
check can be ignored. In this case, if security policies
changed by authentic user, new security policies will be
implemented with immediate effects. As stated all over
this section, it seems the future of security in operating
systems is dependent on two major factors. These two
factors or themes are the development of TOS with very
easier system administration work and system
programming methods to apply a massive variety of
security policies. At the time of implementation, these
massive varieties of security policies will vary from one
application to another.
IV. OBJECT ORIENTED SECURE MODELING
FOR WEB APPLICATION
Object Oriented is an ever-growing discipline and since
there lies, uncertainty for what really establishes sense of
object-orientation; this encapsulates the nucleus factor and
defines the vocabulary to be used in the remaining of
theory. Object-Oriented Development is a set of practices
and approaches for manufacturing software systems
grounded on real world abstractions. Object-Oriented
approach delivers a relatively smooth approach for
progressing from analysis, to design, through to
implementation.
Object oriented development is presently the most
accepted software development style. UML has now
4. Int. J. Advanced Networking and Applications
Volume: 09 Issue: 04 Pages: 3492-3497(2018) ISSN: 0975-0290
3495
become the language of choice intended for developers
who wish to imagine and model the system underneath
progress. UML is used in many customs for expressing the
concepts such as software specification, website structure
and business modeling. In the proposed design and
development, we are using UML2.0 based conceptual
modeling for the development of secure application.
In object oriented class diagram, designer will identify the
classes. These classes can be identified through software
requirement specification (SRS). As normal practices,
actors of use case diagram are considered as classes and
the use cases are considered as member functions or
methods of the classes. When we want to model the
structure of a system or a web application, we can make
use of object oriented class diagram. We develop the
component based class diagram. In Store Stock Control
Based Web Application, storing objects may be sales
clerk, inventory, Credit card, Cheque, store manager,
Payment, Person, marketing, stock manager, person,
warehouse person, invoice, system, customer etc. (See Fig.
3.). The standard class diagram of Store Stock Control is
as follows in Fig. 3.
Fig. 3: Class diagram for online store stock control web application.
The class wise equivalent C++ code of this case study is
as follows-
Sample Code of C++ for understanding:
class Person
{
public:
//##ModelId=553C976E01C4
GetDeatils();
//##ModelId=553C97750038
SetDeatils();
private:
//##ModelId=553C971B02D3
String Name;
//##ModelId=553C97380226
String Phone;
//##ModelId=553C975B0001
String Address;
};
#include "Person.h"
//##ModelId=553C9B4C0295
5. Int. J. Advanced Networking and Applications
Volume: 09 Issue: 04 Pages: 3492-3497(2018) ISSN: 0975-0290
3496
class Customer : public Person
{
public:
//##ModelId=553C9B890326
Make_Payment();
private:
//##ModelId=553C9B5A003E
Person Name;
//##ModelId=553C9B5E0028
Person Phone;
//##ModelId=553C9B64019E
person Address;
//##ModelId=553C9B680189
String Credit_Card;
//##ModelId=553C9B6F0007
Integer Cash_Amount;
};
#endif /*
#include "Person.h"
//##ModelId=553C99010386
class Stock Manager : public Person
{
public:
//##ModelId=553C99340150
Check_Demand();
//##ModelId=553C99380262
Monitor_Stock_Level();
//##ModelId=553C9940011C
Monitor_Weekly_Run_Rates();
//##ModelId=553C994F005E
Order_Stock();
private:
//##ModelId=553C9912016D
Person Name;
//##ModelId=553C991601B4
Person Phone;
//##ModelId=553C991B0229
Person Address;
//##ModelId=553C9920005D
String Stock_Status;
};
#endif /*
WAREHOUSE_STAFF_H_HEADER_INCLUDED_AAC
32
A1B */
//##ModelId=553C9C2202FC
class WareHouse Staff
{
public:
//##ModelId=553C9C4B0368
Book_Stock();
private:
//##ModelId=553C9C2B02DE
String Stock_Status;
//##ModelId=553C9C330009
Stock_Description;
};
#endif /*
With the help of above software development process,
developers can identify software Metrics like no. of data
members, no. of data members per super class, no. of data
members per sub class, member functions, the length of
the program, Volume, vocabulary of a program, average
number of live variables, Count of executable statements,
member functions per class, data structure metrics, and
information flow etc. These software Metrics can be
identified through Hallstead software science measures
and data structure metrics .With the help of above
mentioned approach, software project planning will
become easier to developers.
V. RESULTS AND DISCUSSION OF SELINUX
TRUSTED OPERATING SYSTEM
SELinux trusted operating system is better choice for the
development of secure web applications. Table 1and table
2 shows the performance results that are appropriate to
security performance flexibility (SPF). These tables
showing the results with SPF, without SPF and showing
the performance compression. Through SPF model of
SELinux operating system, we can implement the high
security concerns for web applications.
TABLE 1: SECURITY CHECKS EXECUTED IN SELINUX
TRUSTED OPERATING SYSTEM.
File System Tests SELinux
without SPF
SELinux
with
System-SPF
model
Random Disk Reads (K)
per second
94167 93135
Random Disk Writes (K)
per second
79188 79508
Sequential Disk Reads
(K) per second
335527 325591
Sequential Disk Writes
(K) per second
149616 153174
Disk Copies (K) per
second
102252 102744
TABLE 2: SECURITY CHECKS SKIPPED IN SELINUX TRUSTED
OPERATING SYSTEM.
File System Tests SELinux
Without
SPF
SELinux
with
System-SPF
model
Random Disk Reads (K)
per second
94167 99762
Random Disk Writes (K)
per second
79188 84768
Sequential Disk Reads
(K) per second
335527 363571
Sequential Disk Writes
(K) per second
149616 159727
Disk Copies (K) per
second
102252 110315
Added advantage of choosing SELinux is being open
source thus allowing modification and change as per your
requirement. Just because of privacy and confidentiality in
Trusted Operating Systems, the source code of any
6. Int. J. Advanced Networking and Applications
Volume: 09 Issue: 04 Pages: 3492-3497(2018) ISSN: 0975-0290
3497
software company, business and armed forces will not be
available for normal user. So obtaining such source code
in specific language is not as easy as we think. The
privacy and security implementation for any system will
vary from one Development Company to another.
VI. CONCLUSION
This research paper presents a SPF based approach for
web applications and the integration of security
engineering into a model-driven software development.
This research work showcase the effectiveness of UML
2.0 based object oriented modeling with primary focus of
security through the system level SPF in web applications.
This model allowed system administrators to skip or
disable some unnecessary security checks in distributed
trusted operating systems through which they can
effectively balance their performance needs without
compromising the security of the system. In this paper, we
described experiential forward engineering, source code
structuring and restructuring of secure software system.
REFERENCES
[1] Davis, J. P. (2009). Propositional logic constraint
patterns and their use in UML-based conceptual
modelling and analysis. IEEE Transactions on
Knowledge and Data Engineering, 19(3).
[2] Andrian, M.; and Denys, P. (2011). Using the
conceptual cohesion of classes for fault prediction in
object-oriented systems. IEEE Transactions on
Software Engineering, 34(2).
[3] Barbara, P.; and Myra, S. (2012). Privacy-preserving
query log mining for business confidentiality
protection. ACM Transactions on the Web, 4(3).
[4] Nitish Pathak, Girish Sharma and B. M. Singh
“Forward Engineering Based Implementation of TOS
in Social Networking” published in International
Journal of Computer Applications, Volume 102 -
Number 11, Sep-2014, pp: 33-38, ISSN: 0975 -
8887.Foundation of Computer Science, New York,
USA.
[5] Sara, C.; and Davide, M. (2013). A model-driven
methodology to the content layout problem in web
applications. ACM Transactions on the Web, 6(3).
[6] Selby, R.W.; and Basili, V.R. (1987). Clean room
software development: an empirical evaluation. IEEE
Trans. Software Eng., 13(9), 1027-1037.
[7] Betty, H.C.C.; and Enoch, Y. W. (2002). Formalizing
and integrating the dynamic model for object-
oriented modelling. IEEE Transactions on Software
Engineering, 28(8).
[8] Nitish Pathak and Neelam Sharma “SPF BASED
SELINUX OPERATING SYSTEM FOR
MULTIMEDIA APPLICATIONS.” Published in
International Journal of Reviews in Computing,
ISSN: 2076-3328, pp.97-101, Vol.8, December-
2011.
[9] Luiz, A. R.; and Daniel, S. (2006). An authoring
environment for model-driven web applications.
WebMedia'06, November 19–22, 2006, Natal, RN.
[10]Simona, B.; Jos,´E. M.; and Dorina, C. P. (2012).
Dependability modelling and analysis of software
systems specified with UML. ACM Computing
Surveys, 45(1).
[11]Michel, R. V. C.; Werner, H.; and Ariadi, N. (2012).
How effective is UML modelling? An empirical
perspective on costs and benefits. Softw Syst Model,
571–580, Springer-Verlag.
[12]Pathak, N.; Sharma, G.; and Singh, B. M. (2015).
Trusted operating system based model-driven
development of secure web applications. Paper
accepted for CSI - 2015; CSI - 50th Golden Jubilee
Annual Convention, International Conference.
[13]Pathak, N.; Sharma, G.; and Singh, B. M. (2015).
Towards designing of SPF based secure web
application using UML 2.0. International Journal of
Systems Assurance Engineering and
Management, Springer.
[14]Marco, B.; Stefano, C.; and Piero, F. (2006). Process
modelling in web applications. ACM Transactions on
Software Engineering and Methodology, 15(4).
[15]Georgia, M. K.; Dimitrios, A. K.; Christos, A. P.;
Nikolaos, D. T.; and Iakovos, S. V. (2008). Model-
driven development of composite web applications.
iiWAS2008, November 24–26, Linz, Austria.
[16]Pathak, N.; Sharma, G.; and Singh, B. M. (2015).
Experimental designing of SPF based secure web
application using forward engineering. IEEE and
IETE Sponsored 9th International Conference,
BVICAM, New Delhi.
[17]Peter, D.; Timothy, W.; and Prashant, S. (2012).
Modellus: automated modelling of complex internet
data center applications. ACM Transactions on the
Web, 6(2).
[18]Pathak, N.; Sharma, G.; and Singh, B. M. (2017).
UML 2.0 Based Framework for the Development of
Secure Web Application.BVICAM's International
Journal of Information Technology (BIJIT), DOI:
10.1007/s141870-017-0001-3, February, 2017,
Springer
[19]Kim, H.; Zhang, Y.; Oussena, S.; and Clark, T.
(2009), A case study on model driven data
integration for data centric software development.
ACM, 2009.
[20]Pathak, N.; Sharma, G.; and Singh, B. M. (2015).
Experimental analysis of SPF based secure web
application. International Journal of Modern
Education and Computer Science (IJMECS), 7(2),
48-55, Hong Kong.
[21]Thiago, J.; Bittar, R.; Fortes, P. M.; and Luanna, L.L.
(2009). Web communication and interaction
modelling using model-driven development.
SIGDOC’09, 5–7, 2009, Bloomington, Indiana,
USA.