Background In recent years, with the rapid development of mobile Internet and Web3D technologies, a large number of web-based online 3D visualization applications have emerged. Web3D applications, including Web3D onli...Background In recent years, with the rapid development of mobile Internet and Web3D technologies, a large number of web-based online 3D visualization applications have emerged. Web3D applications, including Web3D online tourism, Web3D online architecture, Web3D online education environment, Web3D online medical care, and Web3D online shopping are examples of these applications that leverage 3D rendering on the web. These applications have pushed the boundaries of traditional web applications that use text, sound, image, video, and 2D animation as their main communication media, and resorted to 3D virtual scenes as the main interaction object, enabling a user experience that delivers a strong sense of immersion. This paper approached the emerging Web3D applications that generate stronger impacts on people's lives through “real-time rendering technology”, which is the core technology of Web3D. This paper discusses all the major 3D graphics APIs of Web3D and the well-known Web3D engines at home and abroad and classify the real-time rendering frameworks of Web3D applications into different categories. Results Finally, this study analyzed the specific demand posed by different fields to Web3D applications by referring to the representative Web3D applications in each particular field. Conclusions Our survey results show that Web3D applications based on real-time rendering have in-depth sectors of society and even family, which is a trend that has influence on every line of industry.展开更多
In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementi...In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementing robust security measures in modern web applications and the proof of the Methodology applied to Vue.js,Spring Boot,and MySQL architecture.The proposed approach addresses critical security challenges through a multi-layered framework that encompasses essential security dimensions including multi-factor authentication,fine-grained authorization controls,sophisticated session management,data confidentiality and integrity protection,secure logging mechanisms,comprehensive error handling,high availability strategies,advanced input validation,and security headers implementation.Significant contributions are made to the field of web application security.First,a detailed catalogue of security requirements specifically tailored to protect web applications against contemporary threats,backed by rigorous analysis and industry best practices.Second,the methodology is validated through a carefully designed proof-of-concept implementation in a controlled environment,demonstrating the practical effectiveness of the security measures.The validation process employs cutting-edge static and dynamic analysis tools for comprehensive dependency validation and vulnerability detection,ensuring robust security coverage.The validation results confirm the prevention and avoidance of security vulnerabilities of the methodology.A key innovation of this work is the seamless integration of DevSecOps practices throughout the secure Software Development Life Cycle(SSDLC),creating a security-first mindset from initial design to deployment.By combining proactive secure coding practices with defensive security approaches,a framework is established that not only strengthens application security but also fosters a culture of security awareness within development teams.This hybrid approach ensures that security considerations are woven into every aspect of the development process,rather than being treated as an afterthought.展开更多
Emergency medical services (EMS) are a vital element of the public healthcare system in China,^([1])providing an opportunity to respond to critical medical conditions and save people’s lives.^([2])The accessibility o...Emergency medical services (EMS) are a vital element of the public healthcare system in China,^([1])providing an opportunity to respond to critical medical conditions and save people’s lives.^([2])The accessibility of EMS has received considerable attention in health and transport geography studies.^([3])One of the optimal gauges for evaluating the accessibility of EMS is the response time,which is defined as the time from receiving an emergency call to the arrival of an ambulance.^([4])Beijing has already reduced the response time to approximately12 min,and the next goal is to ensure that the response time across Beijing does not exceed 12 min (the information comes from the Beijing Emergency Medical Center).展开更多
The advancement of navigation systems for the visually impaired has significantly enhanced their mobility by mitigating the risk of encountering obstacles and guiding them along safe,navigable routes.Traditional appro...The advancement of navigation systems for the visually impaired has significantly enhanced their mobility by mitigating the risk of encountering obstacles and guiding them along safe,navigable routes.Traditional approaches primarily focus on broad applications such as wayfinding,obstacle detection,and fall prevention.However,there is a notable discrepancy in applying these technologies to more specific scenarios,like identifying distinct food crop types or recognizing faces.This study proposes a real-time application designed for visually impaired individuals,aiming to bridge this research-application gap.It introduces a system capable of detecting 20 different food crop types and recognizing faces with impressive accuracies of 83.27%and 95.64%,respectively.These results represent a significant contribution to the field of assistive technologies,providing visually impaired users with detailed and relevant information about their surroundings,thereby enhancing their mobility and ensuring their safety.Additionally,it addresses the vital aspects of social engagements,acknowledging the challenges faced by visually impaired individuals in recognizing acquaintances without auditory or tactile signals,and highlights recent developments in prototype systems aimed at assisting with face recognition tasks.This comprehensive approach not only promises enhanced navigational aids but also aims to enrich the social well-being and safety of visually impaired communities.展开更多
Distributed speech recognition (DSR) applications have certain QoS (Quality of service) requirements in terms of latency, packet loss rate, etc. To deliver quality guaranteed DSR application over wirelined or wireless...Distributed speech recognition (DSR) applications have certain QoS (Quality of service) requirements in terms of latency, packet loss rate, etc. To deliver quality guaranteed DSR application over wirelined or wireless links, some QoS mechanisms should be provided. We put forward a RTP/RSVP transmission scheme with DSR-specific payload and QoS parameters by modifying the present WAP protocol stack. The simulation result shows that this scheme will provide adequate network bandwidth to keep the real-time transport of DSR data over either wirelined or wireless channels.展开更多
Today with certainty, the petroleum industry is fostering sanguinely the fields’ development programs for the optimization of reservoir characterization through worth-full appliances of computer analysis techniques. ...Today with certainty, the petroleum industry is fostering sanguinely the fields’ development programs for the optimization of reservoir characterization through worth-full appliances of computer analysis techniques. The time element is of prime importance for optimistic petroleum development projects. Therefore, the frontline of “Real-time Analysis” is added into the applications of computer solving techniques for achieving and sketching up the real-time cost effectiveness in analyzing field development programs. It focuses on the phases of real-time well test data acquisition system, real-time secure access to the well test data either on field or in office and real-time data interpretation unit. This interface will yield the productive results for the field of reservoir’s pressure transient analysis and wells’ systems analysis by following the up-to-date preferred, accurate and effective well test analytical principles with modern real-time computer applications and techniques. It also lays emphasis for the comfort and reliability of data in creating best interpersonal working modes within a reputable and esteemed petroleum development organization.展开更多
Objective: to use remote real-time ECG monitoring for patients with cardiovascular diseases and to observe the effect of this method in ECG critical value treatment. Methods: 146 patients with cardiovascular diseases ...Objective: to use remote real-time ECG monitoring for patients with cardiovascular diseases and to observe the effect of this method in ECG critical value treatment. Methods: 146 patients with cardiovascular diseases in our department from January 2019 to December 2020 were taken as observation objects and divided into the first group and the second group. Remote real-time ECG monitoring and routine ECG monitoring were used respectively to compare the monitoring effects of the two kinds of ECG. Results: (1) the positive and negative detection rates of critical values in the first and second groups were 36.98% and 63.01% in the first group and 15.06% and 84.93% in the second group respectively (χ2 = 23.203,P = 0.000). The results were different. (2) In the comparison of the treatment time of ECG critical value between the first group and the second group, the first group is 7.56±1.64(min) and the second group is 7.85±1.72(min), (t = 0.538,P = 0.361), the results are not different. Conclusion: the remote real-time ECG monitoring for patients with cardiovascular diseases is effective, and this method can be popularized.展开更多
Objective To investigate the surgical technique and outcomes of replacement of chordae tendineae in mitral valve repair,and evaluate the value of real-time three-di-mensional transesophageal echocardiography in the pe...Objective To investigate the surgical technique and outcomes of replacement of chordae tendineae in mitral valve repair,and evaluate the value of real-time three-di-mensional transesophageal echocardiography in the perioperative period. Methods Thirty-one patients with mitral valve prolapse underwent mitral valve repair using chordae tendineae replacement concomitant with implantation展开更多
In order to improve the efficiency of regression testing in web application,the control flow graph and the greedy algorithm are adopted.This paper considers a web page as a basic unit and introduces a test case select...In order to improve the efficiency of regression testing in web application,the control flow graph and the greedy algorithm are adopted.This paper considers a web page as a basic unit and introduces a test case selection method for web application regression testing based on the control flow graph.This method is safe enough to the test case selection.On the base of features of request sequence in web application,the minimization technique and the priority of test cases are taken into consideration in the process of execution of test cases in regression testing for web application.The improved greedy algorithm is also raised resulting in optimization of execution of test cases.The experiments indicate that the number of test cases which need to be retested is reduced,and the efficiency of execution of test cases is also improved.展开更多
In order to analyze and test the component-based web application and decide when to stop the testing process, the concept of coverage criteria and test requirement reduction approach are proposed. First, four adequacy...In order to analyze and test the component-based web application and decide when to stop the testing process, the concept of coverage criteria and test requirement reduction approach are proposed. First, four adequacy criteria are defined and subsumption relationships among them are proved. Then, a translation algorithm is presented to transfer the test model into a web application decision-to-decision graph(WADDGraph)which is used to reduce testing requirements. Finally, different sets of test requirements can be generated from WADDGraph by analyzing subsumption and equivalence relationships among edges based on different coverage criteria, and testers can select different test requirements according to different testing environments. The case study indicates that coverage criteria follow linear subsumption relationships in real web applications. Test requirements can be reduced more than 55% on average based on different coverage criteria and the size of test requirements increases with the increase in the complexity of the coverage criteria.展开更多
Ajax is really several technologies,each flourishing in its own right,coming together in powerful new ways,which consists of HTML,JavaScript^(TM)technology,DHTML,and DOM,is an outstanding approach that helps to transf...Ajax is really several technologies,each flourishing in its own right,coming together in powerful new ways,which consists of HTML,JavaScript^(TM)technology,DHTML,and DOM,is an outstanding approach that helps to transform clunky Web interfaces into interactive Ajax applications.After the definition to Ajax,how to make asynchronous requests with JavaScript and Ajax was introduced.At the end,advanced requests and responses in Ajax were put forward.展开更多
Forms enhance both the dynamic and interactive abilities of Web applications and the system complexity. And it is especially important to test forms completely and thoroughly. Therefore, this paper discusses how to ca...Forms enhance both the dynamic and interactive abilities of Web applications and the system complexity. And it is especially important to test forms completely and thoroughly. Therefore, this paper discusses how to carry out the form testing by different methods in the related testing phases. Namely, at first, automatically abstracting forms in the Web pages by parsing the HTML documents; then, ohtai ning the testing data with a certain strategies, such as by requirement specifications, by mining users' hefore input informarion or by recording meehanism; and next executing the testing actions automatically due to the well formed test cases; finally, a case study is given to illustrate the convenient and effective of these methods.展开更多
A formal model representing the navigation behavior of a Web application as the Kripke structure is proposed and an approach that applies model checking to test case generation is presented. The Object Relation Diagra...A formal model representing the navigation behavior of a Web application as the Kripke structure is proposed and an approach that applies model checking to test case generation is presented. The Object Relation Diagram as the object model is employed to describe the object structure of a Web application design and can be translated into the behavior model. A key problem of model checking-based test generation for a Web application is how to construct a set of trap properties that intend to cause the violations of model checking against the behavior model and output of counterexamples used to construct the test sequences. We give an algorithm that derives trap properties from the object model with respect to node and edge coverage criteria.展开更多
‘‘Web ground control"(web GC) provides users with instantaneous access to mine design applications anywhere, at any time, through a web browser.Utilizing a web-based multiple-tier architecture, users are able t...‘‘Web ground control"(web GC) provides users with instantaneous access to mine design applications anywhere, at any time, through a web browser.Utilizing a web-based multiple-tier architecture, users are able to easily access ground control designs, perform on-demand calculations in the field, as well as facilitate project collaborations across multiple users, devices, and operating systems.Currently, the web GC platform contains five ground control related design applications previously developed and distributed by the US National Institute of Occupational Safety and Health(NIOSH), that is, analysis of roof bolt stability(ARBS), analysis of longwall pillar stability(ALPS), analysis of retreat mining stability(ARMPS), analysis of retreat mining stability–highwall mining(ARMPS-HWM), and analysis of horizontal stress in mining(AHSM).With respect to design decisions made by the web GC development team, the web GC platform will be able to further integrate future mine design applications providing the mining industry with one of a kind umbrella suite of ground control related software available at ones fingertips.The following paper provides a detailed overview on the current state of the web GC platform with discussions ranging from back-end database development and design to the front-end user-platform interface.Based on current progress in platform development as well as beta testing results, the web GC platform is scheduled for release in the fall of 2018.展开更多
To detect security vulnerabilities in a web application,the security analyst must choose the best performance Security Analysis Static Tool(SAST)in terms of discovering the greatest number of security vulnerabilities ...To detect security vulnerabilities in a web application,the security analyst must choose the best performance Security Analysis Static Tool(SAST)in terms of discovering the greatest number of security vulnerabilities as possible.To compare static analysis tools for web applications,an adapted benchmark to the vulnerability categories included in the known standard Open Web Application Security Project(OWASP)Top Ten project is required.The information of the security effectiveness of a commercial static analysis tool is not usually a publicly accessible research and the state of the art on static security tool analyzers shows that the different design and implementation of those tools has different effectiveness rates in terms of security performance.Given the significant cost of commercial tools,this paper studies the performance of seven static tools using a new methodology proposal and a new benchmark designed for vulnerability categories included in the known standard OWASP Top Ten project.Thus,the practitioners will have more precise information to select the best tool using a benchmark adapted to the last versions of OWASP Top Ten project.The results of this work have been obtaining using widely acceptable metrics to classify them according to three different degree of web application criticality.展开更多
In recent years, web security has been viewed in the context of securing the web application layer from attacks by unauthorized users. The vulnerabilities existing in the web application layer have been attributed eit...In recent years, web security has been viewed in the context of securing the web application layer from attacks by unauthorized users. The vulnerabilities existing in the web application layer have been attributed either to using an inappropriate software development model to guide the development process, or the use of a software development model that does not consider security as a key factor. Therefore, this systematic literature review is conducted to investigate the various security vulnerabilities used to secure the web application layer, the security approaches or techniques used in the process, the stages in the software development in which the approaches or techniques are emphasized, and the tools and mechanisms used to detect vulnerabilities. The study extracted 519 publications from respectable scientific sources, i.e. the IEEE Computer Society, ACM Digital Library, Science Direct, Springer Link. After detailed review process, only 56 key primary studies were considered for this review based on defined inclusion and exclusion criteria. From the review, it appears that no one software is referred to as a standard or preferred software product for web application development. In our SLR, we have performed a deep analysis on web application security vulnerabilities detection methods which help us to identify the scope of SLR for comprehensively investigation in the future research. Further in this SLR considering OWASP Top 10 web application vulnerabilities discovered in 2012, we will attempt to categories the accessible vulnerabilities. OWASP is major source to construct and validate web security processes and standards.展开更多
基金the Science and Technology Program of Educational Commission of Jiangxi Province,China(DA202104172)the Innovation and Entrepreneurship Course Program of Nanchang Hangkong University(KCPY1910)the Teaching Reform Research Program of Nanchang Hangkong University(JY21040).
文摘Background In recent years, with the rapid development of mobile Internet and Web3D technologies, a large number of web-based online 3D visualization applications have emerged. Web3D applications, including Web3D online tourism, Web3D online architecture, Web3D online education environment, Web3D online medical care, and Web3D online shopping are examples of these applications that leverage 3D rendering on the web. These applications have pushed the boundaries of traditional web applications that use text, sound, image, video, and 2D animation as their main communication media, and resorted to 3D virtual scenes as the main interaction object, enabling a user experience that delivers a strong sense of immersion. This paper approached the emerging Web3D applications that generate stronger impacts on people's lives through “real-time rendering technology”, which is the core technology of Web3D. This paper discusses all the major 3D graphics APIs of Web3D and the well-known Web3D engines at home and abroad and classify the real-time rendering frameworks of Web3D applications into different categories. Results Finally, this study analyzed the specific demand posed by different fields to Web3D applications by referring to the representative Web3D applications in each particular field. Conclusions Our survey results show that Web3D applications based on real-time rendering have in-depth sectors of society and even family, which is a trend that has influence on every line of industry.
文摘In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementing robust security measures in modern web applications and the proof of the Methodology applied to Vue.js,Spring Boot,and MySQL architecture.The proposed approach addresses critical security challenges through a multi-layered framework that encompasses essential security dimensions including multi-factor authentication,fine-grained authorization controls,sophisticated session management,data confidentiality and integrity protection,secure logging mechanisms,comprehensive error handling,high availability strategies,advanced input validation,and security headers implementation.Significant contributions are made to the field of web application security.First,a detailed catalogue of security requirements specifically tailored to protect web applications against contemporary threats,backed by rigorous analysis and industry best practices.Second,the methodology is validated through a carefully designed proof-of-concept implementation in a controlled environment,demonstrating the practical effectiveness of the security measures.The validation process employs cutting-edge static and dynamic analysis tools for comprehensive dependency validation and vulnerability detection,ensuring robust security coverage.The validation results confirm the prevention and avoidance of security vulnerabilities of the methodology.A key innovation of this work is the seamless integration of DevSecOps practices throughout the secure Software Development Life Cycle(SSDLC),creating a security-first mindset from initial design to deployment.By combining proactive secure coding practices with defensive security approaches,a framework is established that not only strengthens application security but also fosters a culture of security awareness within development teams.This hybrid approach ensures that security considerations are woven into every aspect of the development process,rather than being treated as an afterthought.
基金supported by National Key Research & Development Program of China (2022YFC3006201)。
文摘Emergency medical services (EMS) are a vital element of the public healthcare system in China,^([1])providing an opportunity to respond to critical medical conditions and save people’s lives.^([2])The accessibility of EMS has received considerable attention in health and transport geography studies.^([3])One of the optimal gauges for evaluating the accessibility of EMS is the response time,which is defined as the time from receiving an emergency call to the arrival of an ambulance.^([4])Beijing has already reduced the response time to approximately12 min,and the next goal is to ensure that the response time across Beijing does not exceed 12 min (the information comes from the Beijing Emergency Medical Center).
基金supported by theKorea Industrial Technology Association(KOITA)Grant Funded by the Korean government(MSIT)(No.KOITA-2023-3-003)supported by the MSIT(Ministry of Science and ICT),Korea,under the ITRC(Information Technology Research Center)Support Program(IITP-2024-2020-0-01808)Supervised by the IITP(Institute of Information&Communications Technology Planning&Evaluation)。
文摘The advancement of navigation systems for the visually impaired has significantly enhanced their mobility by mitigating the risk of encountering obstacles and guiding them along safe,navigable routes.Traditional approaches primarily focus on broad applications such as wayfinding,obstacle detection,and fall prevention.However,there is a notable discrepancy in applying these technologies to more specific scenarios,like identifying distinct food crop types or recognizing faces.This study proposes a real-time application designed for visually impaired individuals,aiming to bridge this research-application gap.It introduces a system capable of detecting 20 different food crop types and recognizing faces with impressive accuracies of 83.27%and 95.64%,respectively.These results represent a significant contribution to the field of assistive technologies,providing visually impaired users with detailed and relevant information about their surroundings,thereby enhancing their mobility and ensuring their safety.Additionally,it addresses the vital aspects of social engagements,acknowledging the challenges faced by visually impaired individuals in recognizing acquaintances without auditory or tactile signals,and highlights recent developments in prototype systems aimed at assisting with face recognition tasks.This comprehensive approach not only promises enhanced navigational aids but also aims to enrich the social well-being and safety of visually impaired communities.
文摘Distributed speech recognition (DSR) applications have certain QoS (Quality of service) requirements in terms of latency, packet loss rate, etc. To deliver quality guaranteed DSR application over wirelined or wireless links, some QoS mechanisms should be provided. We put forward a RTP/RSVP transmission scheme with DSR-specific payload and QoS parameters by modifying the present WAP protocol stack. The simulation result shows that this scheme will provide adequate network bandwidth to keep the real-time transport of DSR data over either wirelined or wireless channels.
文摘Today with certainty, the petroleum industry is fostering sanguinely the fields’ development programs for the optimization of reservoir characterization through worth-full appliances of computer analysis techniques. The time element is of prime importance for optimistic petroleum development projects. Therefore, the frontline of “Real-time Analysis” is added into the applications of computer solving techniques for achieving and sketching up the real-time cost effectiveness in analyzing field development programs. It focuses on the phases of real-time well test data acquisition system, real-time secure access to the well test data either on field or in office and real-time data interpretation unit. This interface will yield the productive results for the field of reservoir’s pressure transient analysis and wells’ systems analysis by following the up-to-date preferred, accurate and effective well test analytical principles with modern real-time computer applications and techniques. It also lays emphasis for the comfort and reliability of data in creating best interpersonal working modes within a reputable and esteemed petroleum development organization.
文摘Objective: to use remote real-time ECG monitoring for patients with cardiovascular diseases and to observe the effect of this method in ECG critical value treatment. Methods: 146 patients with cardiovascular diseases in our department from January 2019 to December 2020 were taken as observation objects and divided into the first group and the second group. Remote real-time ECG monitoring and routine ECG monitoring were used respectively to compare the monitoring effects of the two kinds of ECG. Results: (1) the positive and negative detection rates of critical values in the first and second groups were 36.98% and 63.01% in the first group and 15.06% and 84.93% in the second group respectively (χ2 = 23.203,P = 0.000). The results were different. (2) In the comparison of the treatment time of ECG critical value between the first group and the second group, the first group is 7.56±1.64(min) and the second group is 7.85±1.72(min), (t = 0.538,P = 0.361), the results are not different. Conclusion: the remote real-time ECG monitoring for patients with cardiovascular diseases is effective, and this method can be popularized.
文摘Objective To investigate the surgical technique and outcomes of replacement of chordae tendineae in mitral valve repair,and evaluate the value of real-time three-di-mensional transesophageal echocardiography in the perioperative period. Methods Thirty-one patients with mitral valve prolapse underwent mitral valve repair using chordae tendineae replacement concomitant with implantation
基金The National Natural Science Foundation of China(No.60503020,60503033,60703086)Opening Foundation of Jiangsu Key Laboratory of Computer Information Processing Technology in Soochow University(No.KJS0714)
文摘In order to improve the efficiency of regression testing in web application,the control flow graph and the greedy algorithm are adopted.This paper considers a web page as a basic unit and introduces a test case selection method for web application regression testing based on the control flow graph.This method is safe enough to the test case selection.On the base of features of request sequence in web application,the minimization technique and the priority of test cases are taken into consideration in the process of execution of test cases in regression testing for web application.The improved greedy algorithm is also raised resulting in optimization of execution of test cases.The experiments indicate that the number of test cases which need to be retested is reduced,and the efficiency of execution of test cases is also improved.
基金The National Natural Science Foundation of China(No.90818027,60873050)the National High Technology Research andDevelopment Program of China (863 Program) (No.2009AA01Z147)+2 种基金Opening Foundation of State Key Laboratory Software Engineering in Wu-han University(No.SKLSE20080717)Opening Foundation of State KeyLaboratory for Novel Software Technology in Nanjing University(No.ZZ-KT2008F12)the Key Laboratory Foundation of Shanghai Municipal Science and Technology Commission (No.09DZ2272600)
文摘In order to analyze and test the component-based web application and decide when to stop the testing process, the concept of coverage criteria and test requirement reduction approach are proposed. First, four adequacy criteria are defined and subsumption relationships among them are proved. Then, a translation algorithm is presented to transfer the test model into a web application decision-to-decision graph(WADDGraph)which is used to reduce testing requirements. Finally, different sets of test requirements can be generated from WADDGraph by analyzing subsumption and equivalence relationships among edges based on different coverage criteria, and testers can select different test requirements according to different testing environments. The case study indicates that coverage criteria follow linear subsumption relationships in real web applications. Test requirements can be reduced more than 55% on average based on different coverage criteria and the size of test requirements increases with the increase in the complexity of the coverage criteria.
文摘在7月份的微软全球合作伙伴大会上,微软正式宣布了Office 2010的第一个“半公开”测试版本:Office 2010 Technical Preview和SharePoint 2010 Technical Preview。前者是“传统”的Office客户端程序,后者则定位成“Business Collaboration Platform for the Enteprise and the Web”的下一代Office服务器产品。之所以说它是“半公开”,是因为这个测试版本并非提供给所有用户下载试用,而是通过注册和邀请的方式,只提供给部分特定的测试用户使用。
文摘Ajax is really several technologies,each flourishing in its own right,coming together in powerful new ways,which consists of HTML,JavaScript^(TM)technology,DHTML,and DOM,is an outstanding approach that helps to transform clunky Web interfaces into interactive Ajax applications.After the definition to Ajax,how to make asynchronous requests with JavaScript and Ajax was introduced.At the end,advanced requests and responses in Ajax were put forward.
基金Supported by the National Natural Science Foun-dation of China (60425206 ,90412003 ,60503033)the National Bas-ic Research Program of China (973 Program 2002CB312000 ) Opening Foundation of State Key Laboratory of Software Engineeringin Wuhan University, High Technology Research Project of JiangsuProvince (BG2005032)
文摘Forms enhance both the dynamic and interactive abilities of Web applications and the system complexity. And it is especially important to test forms completely and thoroughly. Therefore, this paper discusses how to carry out the form testing by different methods in the related testing phases. Namely, at first, automatically abstracting forms in the Web pages by parsing the HTML documents; then, ohtai ning the testing data with a certain strategies, such as by requirement specifications, by mining users' hefore input informarion or by recording meehanism; and next executing the testing actions automatically due to the well formed test cases; finally, a case study is given to illustrate the convenient and effective of these methods.
基金Supported by the National Natural Science Foundation of China (60673115)the National Basic Research Program of China (973 Program) (2002CB312001)the Open Foundation of State Key Laboratory of Soft-ware Engineering (SKLSE05-13)
文摘A formal model representing the navigation behavior of a Web application as the Kripke structure is proposed and an approach that applies model checking to test case generation is presented. The Object Relation Diagram as the object model is employed to describe the object structure of a Web application design and can be translated into the behavior model. A key problem of model checking-based test generation for a Web application is how to construct a set of trap properties that intend to cause the violations of model checking against the behavior model and output of counterexamples used to construct the test sequences. We give an algorithm that derives trap properties from the object model with respect to node and edge coverage criteria.
基金sponsored by the Alpha Foundation for the Improvement of Mine Safety and Health, Inc
文摘‘‘Web ground control"(web GC) provides users with instantaneous access to mine design applications anywhere, at any time, through a web browser.Utilizing a web-based multiple-tier architecture, users are able to easily access ground control designs, perform on-demand calculations in the field, as well as facilitate project collaborations across multiple users, devices, and operating systems.Currently, the web GC platform contains five ground control related design applications previously developed and distributed by the US National Institute of Occupational Safety and Health(NIOSH), that is, analysis of roof bolt stability(ARBS), analysis of longwall pillar stability(ALPS), analysis of retreat mining stability(ARMPS), analysis of retreat mining stability–highwall mining(ARMPS-HWM), and analysis of horizontal stress in mining(AHSM).With respect to design decisions made by the web GC development team, the web GC platform will be able to further integrate future mine design applications providing the mining industry with one of a kind umbrella suite of ground control related software available at ones fingertips.The following paper provides a detailed overview on the current state of the web GC platform with discussions ranging from back-end database development and design to the front-end user-platform interface.Based on current progress in platform development as well as beta testing results, the web GC platform is scheduled for release in the fall of 2018.
文摘To detect security vulnerabilities in a web application,the security analyst must choose the best performance Security Analysis Static Tool(SAST)in terms of discovering the greatest number of security vulnerabilities as possible.To compare static analysis tools for web applications,an adapted benchmark to the vulnerability categories included in the known standard Open Web Application Security Project(OWASP)Top Ten project is required.The information of the security effectiveness of a commercial static analysis tool is not usually a publicly accessible research and the state of the art on static security tool analyzers shows that the different design and implementation of those tools has different effectiveness rates in terms of security performance.Given the significant cost of commercial tools,this paper studies the performance of seven static tools using a new methodology proposal and a new benchmark designed for vulnerability categories included in the known standard OWASP Top Ten project.Thus,the practitioners will have more precise information to select the best tool using a benchmark adapted to the last versions of OWASP Top Ten project.The results of this work have been obtaining using widely acceptable metrics to classify them according to three different degree of web application criticality.
文摘In recent years, web security has been viewed in the context of securing the web application layer from attacks by unauthorized users. The vulnerabilities existing in the web application layer have been attributed either to using an inappropriate software development model to guide the development process, or the use of a software development model that does not consider security as a key factor. Therefore, this systematic literature review is conducted to investigate the various security vulnerabilities used to secure the web application layer, the security approaches or techniques used in the process, the stages in the software development in which the approaches or techniques are emphasized, and the tools and mechanisms used to detect vulnerabilities. The study extracted 519 publications from respectable scientific sources, i.e. the IEEE Computer Society, ACM Digital Library, Science Direct, Springer Link. After detailed review process, only 56 key primary studies were considered for this review based on defined inclusion and exclusion criteria. From the review, it appears that no one software is referred to as a standard or preferred software product for web application development. In our SLR, we have performed a deep analysis on web application security vulnerabilities detection methods which help us to identify the scope of SLR for comprehensively investigation in the future research. Further in this SLR considering OWASP Top 10 web application vulnerabilities discovered in 2012, we will attempt to categories the accessible vulnerabilities. OWASP is major source to construct and validate web security processes and standards.
