Test driven development (TDD) is an agile software development technique and it is one of the core development practices of Extreme programming (XP). In TDD, developers write automatically executable ...tests prior to writing the code they test. We ran a set of experiments to empirically assess different parameters of the TDD. We compared TDD to a more "traditionally" oriented iterative test-last development process (ITL). Our preliminary results show that TDD is not substantially different from ITL and our qualitative findings about a development process are different from results obtained from other researches.
Are e-commerce users defenceless? Trampus, M.; Ciglaric, M.; Pancur, M. ...
Proceedings International Parallel and Distributed Processing Symposium,
2003
Conference Proceeding
We are interested in new ways of threats and attack on the e-commerce. The server side of e-commerce platform is usually very well protected and secured. Unfortunately, this is not true for the ...client side. End users are usually undereducated in the field of computer security. They use Internet clients such as Web browsers and e-mail programs to do their e-commerce business. Their platform that is used to run these programs can hardly be trusted. This paper focuses on the attacks on system and application infrastructure. The main idea of our approach is to take advantage of existing applications and attack them while they are executing. We analyze the steps that need to be taken in such attacks and point out the properties of the applications and execution environments that can be exploited. To demonstrate the findings, we present two case studies of such attacks. The first exploits a Web browser which uses SSL (Secure Sockets Layer) and the second an e-mail client which uses digital signatures. In both cases we are able to successfully perform the attack which escapes the end user's notice. In the final part of the paper we present a possible defence against such attack together with our work on a security enforcement system.
The paper presents an alternative message routing approach in unstructured peer-to-peer overlay networks. Unstructured peer-to-peer systems are loosely coupled, highly autonomous systems without ...hierarchy. Usually, flooding-based routing mechanisms are used for sending messages through the application layer overlay. Due to the limited scalability and high network load experiences, the paper suggests an improvement to reduce the traffic and overall performance: a peer remembers recently forwarded answers, so that he may route the next query messages with the same contents only to the relevant neighbor, not to all of them. Preliminary network simulations have shown promising results.
Content networks are overlay networks, enabling access to distributed contents on centralized servers or individual computers. Since the flooding-based routing scheme features poor scalability, we ...present a modification, which reduces the total network traffic while retaining the original efficiency. In choosy routing, each node, while passing an answer, remembers where it came from. Subsequently repeated queries about the same content are forwarded only to one neighbor. This way, the network learns effective routes. The simulations on several topology types have shown the expected behavior, with up to three-fold reduction in the overall query traffic.
The paper presents an open application framework for secure storage and management of digitally signed documents on Java Cards. Its purpose is to encourage similar solutions in other target ...environments.