Sohail Safdar

Framework for Alternate Execution of Workflows Under Threat

The main objective of the research is to propose an execution framework for workflow systems under threat. When the threat (intrusion) is detected, the workflow system needs to be stopped immediately to avoid any possible loss of enterprise data. The system becomes active again, once it is completely recovered from the threat. This proposed framework overcomes the problem of discontinuity of services as a result of threat detection by enabling the execution of the workflow on an alternate path, keeping the security and integrity of the asset information intact. Hence the system remains available all the time in a secured fashion making it possible for the end user to access the services and data even in the vulnerable state. To achieve the specified goals, the special authentication mechanism has been adopted to authorize the users after threat is detected. Then the data is hibernated that is transferred to the designed dimensions and the connectivity and access to the hibernated data is provided by the chameleon agent. These three core components enable the workflow to execute in a secured and robust manner during system’s unsafe state.

Moving towards two dimensional passwords

The main objective of the research is to specify two dimensional passwords that can possess much more strength as compared to linear passwords. These passwords are strong enough to provide effective and secure authentication under certain alarming situations. The alarming situations are the situations where the possibility to breach the system security exists. The specification of the two dimensional nxn passwords has been provided based on NIST standards. The strength of nxn password has been calculated that has proven to be much more as compared to the linear passwords. It is proposed that these passwords should be used under alarming situations such as the protection requirement for some critical resource, special authentication when the system is in unsafe state or protection of sensitive data. Therefore it has been recommended to move from linear passwords to the passwords defined in two dimensional space, whenever some alarming situation arises.

Client's Perspective: Realization as a New Generation Process for Software Project Development and Management

IT industry despite the wide use of most modern tools and technologies has been unable to achieve targeted success. Awry situations in projects have become routine matter. Besides technical other factors influencing software development activities also need to be considered. Software development and consultancy organizations must realize the importance of such technical and non-technical factors like client’s perspective, organizational environment, company policies and social infrastructure. Identification and managing such issues are more cumbersome than routine practical tasks. This paper focuses on one of the most important and critical cum technical factor client’s perspective. Elements comprising client’s perspective are identified and the spider web model is proposed to practice it. Real projects based evaluation is made. The results elaborate the client based practices. Client based practices would be an advent of new generation of processes to overcome IT industry dilemma.

Two Phase Shortest Path Algorithm for Non-negative Weighted Undirected Graphs

Breadth First Search (BFS) can calculate the shortest path for un-weighted graphs very efficiently but when it comes to non-negative weighted graphs it fails at a point when a successor updates a predecessor. Such nodes are being referred as Culprit nodes in this research. These Culprit nodes are the ones that cause error in shortest path in an algorithm that traverses like BFS. This research targets on recognizing and marking Culprit nodes to disengage them until they are properly and completely updated. Processing through such nodes is postponed until all possible updates are made on these nodes nullifying all possible chances of errors. As nodes are being traversed in BFS fashion with few violations and additions promising a O(k(|V| + |E|)) time algorithm where 0

An edge-wise linear shortest path algorithm for non negative weighted undirected graphs

In most of the shortest path problems like vehicle routing problems and network routing problems, we only need an efficient path between two points---source and destination, and it is not necessary to calculate the shortest path from source to all other nodes. This paper concentrates on this very idea and presents an algorithm for calculating shortest path for nonnegative weighted undirected graphs. The algorithm completes its execution in O(|E|) for all targeted graphs---where no successor node updates predecessor node. The main advantage of the algorithms is its simplicity and it does not need complex data structures for implementations.

An insight into real software industry paradigms and software engineering research

Since years software development industry is trying hard to show a remarkable performance in its project development work. Issues related to the software processes improvement, risk management, peoples factors and effective project management still exist. Though academic researchers have produced good quality work on software industry issues, but unluckily, software industry could not get benefit of it as was being expected. Software engineering research work also seems unable to identify and understand the real industry problems and providing hands on solutions. The gap between researchers and actual industry practitioners is the sole reason behind it. It is the foremost need to learn from the academic research work and experiences of real software development industry practitioners. The objective of this study is to bridge this gap by highlighting the root causes of differences between software engineering research works and actual industry practices. An analysis of real industry projects, academic projects, research publications, and industry people is made to complete this research work. The outcome of this research is twofold. First, the identification of factors behind the academic-industry gap; second, presenting a set of measures to bridge this gap to produce actual industry based research works.

Authentication model based on reformation mapping method

The main objective of the research is to propose an authentication model that exhibits the authentication in more secured fashion. The proposed authentication model is based on the reformation mapping method and works in two stages. Firstly, it reforms the user created password and stored it in the form other than its original form. Depending on the nature of the password i.e. linear or two dimensional, this reformation can be performed by rotation or shuffle techniques. Secondly, the reformation can be applied either to the user entered password or to the stored password at the time of authentication. This reformation ensures that the user entered password can be mapped appropriately with the stored password. The possible application of the proposed model is discussed using linear passwords and two dimensional nxn passwords. The proposed authentication model improves the security of the password by reforming its original form and hiding it from the hackers.

Security model for the protection of sensitive and confidential data on mobile devices

The main objective of this research is to provide security to confidential information contained in mobile devices like PDAs and laptops. Hence the model is proposed to ensure the secure authentication as well as secure access to the required information. The secure authentication is ensured by combining two previously used authentication modes in the devices, that is: password-based and biometric authentication. Furthermore, the authentication information are not stored at a single point hence provides higher security and less risk. All the authentication information is distributed over local and remote (server) nodes. Decrypting only the required files leaving the rest of files encrypted can ensure the secure access to the information using session and file management proposed in this model. The proposed model of combining both mechanisms provides better security and reliability as compared to previous systems.

Shortest path algorithm with pre-calculated single link failure recovery for non-negative weighted undirected graphs

Shortest path and related problems have been a very hot topic for researchers since Dijekstra devised his first shortest path algorithm. In transportation and communication routing, during the execution of system, failure of any link needs robust and most effective recovery. In such problems we need some recovery mechanism and/or plan for the continuation of the process with minimum or no delay with least, additional, recovery cost. This paper presents initial finding and achievements to recover from a single link failure on the shortest path with optimal alternate path keeping the cost low.

Formalizing an abstract architecture for the alternative data source utilized during system availability under intrusion threat

The main objective of the research is to formalize an abstract architecture for the alternative data source that is meant to be used during system availability under intrusion threat. For this purpose, three possible designed semantics have been identify and considered. The security and performance parameters that are required to be exhibited by the alternative data source have been identified. Qualitative analysis is carried out in terms of the identified security and performance parameters, among the considered design semantics to select the potentially secure and suitable design semantic. The selected design semantic becomes the basis of formalizing an abstract architecture for the alternative data source during system availability under intrusion threat scenario. (6 pages)