Saïd Assar

Cloud Computing Risk Assessment: A Systematic Literature Review

Cloud computing security is a broad research domain with a large number of concerns, ranging from protecting hardware and platform technologies to protecting clouds data and resource access (through different end- user devices). Although the advantages of cloud computing are tremendous, the security and privacy concerns of cloud computing have always been the focus of numerous cloud customers and impediment to its widespread adaptation by businesses and organizations. The paper presents a systematic literature review in the field of cloud computing with a focus on risk assessment. This would help future research and cloud users/business organizations to have an overview of the risk factors in a cloud environment. And to proactively map their indigenous needs with this technology.

Distributed Denial of Service (DDoS) Attack in Cloud- Assisted Wireless Body Area Networks: A Systematic Literature Review

Wireless Body Area Networks (WBANs) have emerged as a promising technology that has shown enormous potential in improving the quality of healthcare, and has thus found a broad range of medical applications from ubiquitous health monitoring to emergency medical response systems. The huge amount of highly sensitive data collected and generated by WBAN nodes requires an ascendable and secure storage and processing infrastructure. Given the limited resources of WBAN nodes for storage and processing, the integration of WBANs and cloud computing may provide a powerful solution. However, despite the benefits of cloud-assisted WBAN, several security issues and challenges remain. Among these, data availability is the most nagging security issue. The most serious threat to data availability is a distributed denial of service (DDoS) attack that directly affects the all-time availability of a patient’s data. The existing solutions for standalone WBANs and sensor networks are not applicable in the cloud. The purpose of this review paper is to identify the most threatening types of DDoS attacks affecting the availability of a cloud-assisted WBAN and review the state-of-the-art detection mechanisms for the identified DDoS attacks.

Practical Studies in E-Government: Best Practices from Around the World

Information and communication technology (ICT) is permeating all aspects of service management; in the public sector, ICT is improving the capacity of government agencies to provide a wide array of innovative services that benefit citizens. E-Government is emerging as a multidisciplinary field of research based initially on empirical insights from practice. Efforts to theoretically anchor the field have opened perspectives from multiple research domains, as demonstrated in Practical Studies in E-Government. In this volume, the editors and contributors consider the evolution of the e-government field from both practical and research perspectives. Featuring in-depth case studies of initiatives in eight countries, the book deals with such technology-oriented issues as interoperability, prototyping, data quality, and advanced interfaces, and management-oriented issues as e-procurement, e-identification, election results verification, and information privacy. The book features best practices, tools for measuring and improving performance, and analytical methods for researchers.

Using text clustering to predict defect resolution time: a conceptual replication and an evaluation of prediction accuracy

Defect management is a central task in software maintenance. When a defect is reported, appropriate resources must be allocated to analyze and resolve the defect. An important issue in resource allocation is the estimation of Defect Resolution Time (DRT). Prior research has considered different approaches for DRT prediction exploiting information retrieval techniques and similarity in textual defect descriptions. In this article, we investigate the potential of text clustering for DRT prediction. We build on a study published by Raja (2013) which demonstrated that clusters of similar defect reports had statistically significant differences in DRT. Raja’s study also suggested that this difference between clusters could be used for DRT prediction. Our aims are twofold: First, to conceptually replicate Raja’s study and to assess the repeatability of its results in different settings; Second, to investigate the potential of textual clustering of issue reports for DRT prediction with focus on accuracy. Using different data sets and a different text mining tool and clustering technique, we first conduct an independent replication of the original study. Then we design a fully automated prediction method based on clustering with a simulated test scenario to check the accuracy of our method. The results of our independent replication are comparable to those of the original study and we confirm the initial findings regarding significant differences in DRT between clusters of defect reports. However, the simulated test scenario used to assess our prediction method yields poor results in terms of DRT prediction accuracy. Although our replication confirms the main finding from the original study, our attempt to use text clustering as the basis for DRT prediction did not achieve practically useful levels of accuracy.

Analyzing Feasibility for Deploying Very Fast Decision Tree for DDoS Attack Detection in Cloud-Assisted WBAN

In cloud-assisted wireless body area networks (WBAN), the data gathered by sensor nodes are delivered to a gateway node that collects and aggregates data and transfer it to cloud storage; making it vulnerable to numerous security attacks. Among these, Distributed Denial of Service (DDoS) attack could be considered as one of the major security threats against cloud-assisted WBAN security. To overcome the effects of DDoS attack in cloud-assisted WBAN environment various techniques have been explored during this research. Among these, data mining classification techniques have proven itself as a valuable tool to identify misbehaving nodes and thus for detecting DDoS attacks. Further classifying data mining techniques, Very Fast Decision Tree (VFDT) is considered as the most promising solution for real-time data mining of high speed and non- stationary data streams gathered from WBAN sensors and therefore is selected, studied and explored for efficiently analyzing and detecting DDoS attack in cloud-assisted WBAN environment.

E-Government 2.0: Back to Reality, a 2.0 Application to Vet

E-government 2.0 refers to the inclusions of features like social web, user-generated content, the delivery and use of open data, and network effects through more user engagement. Integrating Web 2.0 technologies into e-government is expected to create opportunities to improve online public services quality, change the relationship with citizens and businesses. The integration of web 2.0 in e-government can contribute to achieve new e-government strategic objectives and policies. Yet it provides many practical and theoretical challenges as research is limited in this field. The accomplishment of the benefits and strategic contribution might be more difficult than initially anticipated.

Model driven requirements engineering : mapping the field and beyond

Model Driven Engineering (MDE) holds the promise of raising the level of abstraction when designing systems by promoting domain specific modeling languages, model transformation techniques and code generation engines. Although requirements engineering (RE) relies on models and on modeling, RE and MDE have evolved separately and in distinct communities. The goal of our ongoing work is to analyze the state of the art regarding the convergence and evolution of MDE and RE. This paper is a preliminary study in which we review all papers published at MoDRE workshops and map them according to three perspectives: research issue, research contribution and evaluation method. Our analysis indicates clear predominance of proposals of new language for requirement representation and the derivation of system specifications. Other facets such as requirements elicitation and requirements validation methods are much less tackled, and traceability is seldom discussed.

A Goal-Oriented Perspective on Approaches to Web Service Discovery

Goal modeling is a prominent design paradigm in various domains of information systems engineering. In the field of service oriented computing (SOC) and in the field of semantic web services, emergent research works are basing their engineering approach on the goal concept. Because of the complexity of processes underlying SOC, the usage of the goal concept can vary to a large extent. In this paper, we study approaches to service oriented engineering and propose a frame-work to analyze and better understand how the goal concept is used in web service discovery. The framework is inspired by the four world vision of information systems engineering (i.e. subject, system, development and usage). Using this framework, we review eight prominent research works in SOE. Through this analysis, we seek to better understand the link between semantic web technologies and the goal concept, and what are the challenging issues in terms of goal usage in service discovery.

Security and privacy issues in cloud computing

HAL is a multi-disciplinary open access archive for the deposit and dissemination of scientific research documents, whether they are published or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers. L’archive ouverte pluridisciplinaire HAL, est destinée au dépôt et à la diffusion de documents scientifiques de niveau recherche, publiés ou non, émanant des établissements d’enseignement et de recherche français ou étrangers, des laboratoires publics ou privés. Security and privacy issues in cloud computing Haider Abbas, Olaf Maennel, Saïd Assar

Digitalization of swedish government agencies: a perspective through the lens of a software development census

Software engineering is at the core of the digitalization of society. Ill-informed decisions can have major consequences, as made evident in the 2017 government crisis in Sweden, originating in a data breach caused by an outsourcing deal made by the Swedish Transport Agency. Many Government Agencies (GovAgs) in Sweden are rapidly undergoing a digital transition, thus it is important to overview how widespread, and mature, software development is in this part of the public sector. We present a software development census of Swedish GovAgs, complemented by document analysis and a survey. We show that 39.2% of the GovAgs develop software internally, some matching the number of developers in large companies. Our findings suggest that the development largely resembles private sector counterparts, and that established best practices are implemented. Still, we identify improvement potential in the areas of strategic sourcing, openness, collaboration across GovAgs, and quality requirements. The Swedish Government has announced the establishment of a new digitalization agency next year, and our hope is that the software engineering community will contribute its expertise with a clear voice.