Malik Qasaimeh

Comparing Agile Software Processes Based on the Software Development Project Requirements

Agile software development principles and methodologies have gained a lot of popularity in recent years. Unlike traditional software processes, agile processes advocate flexible practices that allow coping with changing requirements. Recently, several agile processes have been proposed, which differ in a variety of ways. In this paper, we analyze the characteristics of many agile processes and classify them based on key requirements for a software development project. The objective is to help project managers and software engineers select an agile process that is most suitable to the requirements of their software projects.

Investigation of the Capability of XP to Support the Requirements of ISO 9001 Software Process Certification

For software organizations needing ISO 9001 certification, it is important to establish a software process life cycle that can manage the requirements imposed by this certification standard. This paper presents an analysis of extreme programming (XP) from the ISO 9001 and ISO 90003 perspectives. The focus is to extract the requirements related to the ISO product realization process and to determine the strengths and weaknesses of XP in handling those requirements.

A fingerprint featured data encryption algorithm

In this paper, we propose a new DES variant named Hashed Data Encryption Standard (or HDES for short), with an objective to enhance the limitation of static S-boxes arrangement in DES. The proposed HDES combines several techniques and components into one new algorithm to enhance the original DES. The HDES uses a hash function at the beginning of each block encryption process to produce a fingerprint for the plaintext, which will be used later to produce a seed that will coordinate the generation of the S-boxes during the sixteen rounds of the encryption process. The performance of the HDES has been evaluated and compared against DES and DESX. The evaluation has been conducted using the cipher data randomness and the encryption time.

Statistical mesh distributions for 3D object topology

In this paper we introduce several statistical distributions to analyze the topological properties of 3D graphics. The proposed statistical measures include the mesh degree, the mesh assortativity, the mesh clustering coefficient, and the mesh geodesic distance distributions. These probabilistic distributions provide useful information about the way 3D mesh models are connected. Illustrating experimental results show the effectiveness of the proposed measures in quantifying the topological features of 3D objects.

Software randomness analysis and evaluation of lightweight ciphers: the prospective for IoT security

In the past few years, various lightweight cryptographic algorithms have been proposed to balance the trade-offs between the requirements of resource constrained IoT devices and the need to securely transmit and protect data. However, it is critical to analyze and evaluate these algorithms to examine their capabilities. This paper provides a thorough investigation of the randomness of ciphertext obtained from Simeck, Kasumi, DES and AES. The design of our randomness analysis is based on five metrics implemented following the guidance of the NIST statistical test suite for cryptographic applications. This analysis also provides performance and power consumption evaluations for the selected cryptographic algorithms using different platforms and measures. Results from the evaluation reveal that lightweight algorithms have competitive randomness levels, lower processing time and lower power consumption when compared to conventional algorithms.

Randomness Analysis of DES Ciphers Produced with Various Dynamic Arrangements

Over the past few years, researchers have devoted efforts to enhance the original DES encryption algorithm. These enhancements focus on improving multiple perspectives of the algorithm through enhancing its internal components to deliver a robust DES variant against different kinds of typical attacks such as linear and differential crypto analysis, in addition to the newly evolved attacks such as differential power analysis attacks. In fact the output of existing solutions have enhanced the ciphertext randomness. This paper introduces two encryption algorithms that enhance the original DES named DDES and HDES. DDES is mainly based on a secure selection of both S-boxes and P-box arrangements during each encryption round, it has also extended the key length by adding two more keys beside the original one to the encryption process. HDES, on the other hand, uses a hash function to generate a random fingerprint for each plaintext block. This fingerprint is used to generate the seed to produce round seeds that are used to select secure S-boxes only for each round in the encryption process. These two variants meet with certain demands that are imposed by the user applications context. DDES provides a higher ciphertext randomness with some added processing time, while HDES provides a relatively secure variant with lower processing time. These two variants can provide alternatives depending on the targeted applications that require different levels of security and processing time. DDES and HDES have been evaluated and compared against DES, DESX and 3DES, using a number of metrics including chi-square test, cipher data difference, hamming distance and processing time.

HIPAA Security and Privacy Rules Auditing in Extreme Programming Environments

Healthcare business is responsible of keeping patient data safe and secure by following the rules of the federal Health Insurance Portability and Accountability Act of 1996, HIPAA. Agile software organizations that deal with healthcare software system face a number of challenges to demonstrate that their process activities conform to the rules of HIPAA. Such organizations must establish a software process life cycle and develop procedures, tools, and methodologies that can manage the HIPAA requirements during the different stages of system development, and also must provide evidences of HIPAA conformity. This paper proposes an auditing model for HIPAA security and privacy rules in XP environments. The design of the proposed model is based on an evaluation theory which takes as its input the work of Lopez ATAM, and the standards of common criteria CC concepts. The proposed auditing model has been assessed based on four case studies. The auditing result shows that the proposed model is capable of capturing the auditing evidences in most of the selected case studies.

A Group Leader Location Hiding Technique for VANETs

Vehicular ad hoc network (VANET) is one of the most promising and emerging communication technologies that could definitely lead to significant improvements in the traffic management and safety. Location privacy is a critical requirement in VANET, since location information may be shared between vehicles to support the VANET applications. Therefore, it is crucial to protect the location of users. In this paper, we propose a location privacy protection technique that utilises the shadow concept and takes into consideration the reliability in protecting the group leader location, which would basically provide the needed anonymity and protection for the location information targeted by global adversaries. The performance of the proposed technique has been investigated through simulation and compared against the well-known AOSA technique. The results from extensive simulations have shown that the proposed technique enhances the anonymity of the group leader vehicle by reducing the time that the global adversaries can use in collecting location information.