An Approach to Analyze Vulnerability of Information Flow in Software Architecture

2020, Vol 10 (1), pp. 393
Author(s): Tingyang Gu, Minyan Lu, Luyi Li, Qiuying Li

Current research on software vulnerability analysis mostly focuses on source codes or executable programs. But these methods can only be applied after software is completely developed when source codes are available. This may lead to high costs and tremendous difficulties in software revision. On the other hand, as an important product of software design phase, architecture can depict not only the static structure of software, but also the information flow due to interaction of components. Architecture is crucial in determining the quality of software. As a result, by locating the architecture-level information flow that violates security policies, vulnerabilities can be found and fixed in the early phase of software development cycle when revision is easier with lower cost. In this paper, an approach for analyzing information flow vulnerability in software architecture is proposed. First, the concept of information flow vulnerability in software architecture is elaborated. Corresponding security policies are proposed. Then, a method for constructing service invocation diagrams based on graph theory is proposed, which can depict information flow in software architecture. Moreover, an algorithm for vulnerability determination is designed to locate architecture-level vulnerabilities. Finally, a case study is provided, which verifies the effectiveness and feasibility of the proposed methods.

2014, Vol 2014, pp. 1-14
Author(s): Alf Inge Wang, Aleksander Aanesl. Elvemo, Vegard Gamnes

The paper presents results of a quasiexperiment where the three social classroom applications Post-It, WordCloud, and Categorizer were used in software architecture lectures. Post-It and WordCloud are applications that allow students to brainstorm or give comments related to a given topic. Categorizer is a puzzle game where the students are asked to place a number of terms in one of two correct categories. The three applications are multimodal HTML5 applications that enable students to interact in a classroom using their own digital devices, and the teacher’s laptop is used to display progress and results on the large screen. The focus of this study was to evaluate how the difference of these applications and how their integration into the lecture affected the students’ motivation, engagement, thinking, activity level, social interaction, creativity, enjoyment, attention, and learning. In addition, the study evaluated the usability and the technical quality of the applications. The results of the experiment show that the way such applications are integrated into a lecture highly affects the students’ attitude. The experiment also showed that the game-based application was on average better received among the students and that the students’ attitude was highly sensitive to the difficulty level of the game.


Author(s): М. М. Abdurazakov, Z. О. Batygov

The article deals with the problems of information security and its provision in relation to society and its educational environment, processes and relations, subjects and objects. The necessity of forming the corresponding subject-information competence of subjects, personal culture of information security is shown. It is noted that the information security of educational subjects is a specific part of the general security of education as its qualitative development in the developing information society in accordance with its properties and requirements. The concept of information security in the field of education is formulated in the context of a general concept and in the aspect of its specificity in education, its educational and educational processes, as well as in the aspect of personal, psychological, age and other properties of subjects of education. This presupposes the presence of a corresponding purposefulness of general education, which also acquires the quality of informational education, and its expression in the content of education and subject-oriented educational training. In particular, this applies to the general education subject “Informatics” as the main resource of information education, in the process of forming the relevant knowledge, competencies and personal qualities. The necessity of mandatory inclusion of the relevant topics in the content of information education in the context of information security and information protection has been substantiated: the state and problems of information security, personal security; goals and objectives of information security; legal and other aspects of information protection, means of protecting electronic data in the field of education.


Author(s): Ronaldo Zwicker

IT diffusion is central to the new economy and is reflected in a process of informatization of society and businesses. Although initially coined to represent the diffusion and adoption of information technology (IT) in all levels of society, the term informatization is also employed to represent the use of information technology resources in organizations. Weissbach (2003), for instance, defines informatization as being the process of gradual and increasing application of “planned and systematic use of IT penetrating the organization’s functions”. As pointed out by Lim (2001), the evaluation of an organization’s Informatization Level (IL) is an important managerial concern. The author also points out the difficulties associated with this evaluation, stating that “this is not a simple problem because informatization includes many intangible factors such as the quality of information and the organization’s culture”. The purpose of evaluating a company’s IL is to provide information for the organization to improve precisely its informatization level. It is also a means of benchmarking the efficacy and efficiency of IT investments in order to set up the baseline for improvement. This topic depicts a measurement method for the IL of companies and shows results of its application in 830 Brazilian industries (Zwicker, Vidal, & Souza, 2005). The development of this method was based on the principle that IT results in companies are not obtained merely through investments and the implementation of systems but rather through its proper use in business processes. The proposed method extends the informatization dimensions proposed by Lim (2001), using the process-based view of the IT business value creation model proposed by Soh and Markus (1995) and the concept of “information systems coverage” proposed by Ravarini, Tagliavini, Buonanno, and Sciuto (2002).


2011, pp. 3253-3261
Author(s): Nikolaos Oikonomidis, Sergiu Tcaciuc, Christoph Ruland

This paper presents the research results on reliable enforcement of security policies for electronic services deployment in small and medium sized governmental organizations (SMGOs). Motivation for this research has been the fact that SMGOs interact frequently with citizens and/or businesses, to offer paper-based and electronic services which utilize a limited number of resources, such as employees and funds. SMGOs interact also with each other, in local or cross-border transactions, exchanging information on behalf of citizens, businesses or the organization itself. There is an obvious need for a secure, interoperable and cost-effective eGovernment platform that addresses the requirements of SMGOs, improves the quality of the citizens’ involvement and strengthens the fundamental structure of these organizations.


2015, Vol 5 (4), pp. 24-35
Author(s): Mamdouh Alenezi, Fakhry Khellah

Software systems usually evolve constantly, which requires constant development and maintenance. Subsequently, the architecture of these systems tends to degrade with time. Therefore, stability is a key measure for evaluating an architecture. Open-source software systems are becoming progressively vital these days. Since open-source software systems are usually developed in a different management style, the quality of their architectures needs to be studied. The ISO/IEC SQuaRE quality standard characterized stability as one of the sub-characteristics of maintainability. Unstable software architecture could cause the software to require high maintenance cost and effort. In this work, the authors propose a simple, yet efficient, technique that is based on carefully aggregating the package level stability in order to measure the change in the architecture level stability as the architecture evolution happens. The proposed method can be used to further study the cause behind the positive or negative architecture stability changes.

