Home / Advanced Search

  • Title/Keywords

  • Author/Affliations

  • Journal

  • Article Type

  • Start Year

  • End Year

Update SearchingClear
  • Articles
  • Online
Search Results (8)
  • Open Access

    ARTICLE

    Hesitant Fuzzy-Sets Based Decision-Making Model for Security Risk Assessment

    Ahmed S. Alfakeeh1, Abdulmohsen Almalawi2, Fawaz Jaber Alsolami2, Yoosef B. Abushark2, Asif Irshad Khan2,*, Adel Aboud S. Bahaddad1, Alka Agrawal3, Rajeev Kumar4, Raees Ahmad Khan3

    CMC-Computers, Materials & Continua, Vol.70, No.2, pp. 2297-2317, 2022, DOI:10.32604/cmc.2022.020146 - 27 September 2021

    Abstract Security is an important component in the process of developing healthcare web applications. We need to ensure security maintenance; therefore the analysis of healthcare web application's security risk is of utmost importance. Properties must be considered to minimise the security risk. Additionally, security risk management activities are revised, prepared, implemented, tracked, and regularly set up efficiently to design the security of healthcare web applications. Managing the security risk of a healthcare web application must be considered as the key component. Security is, in specific, seen as an add-on during the development process of healthcare web… More >

  • Open Access

    ARTICLE

    Combinatorial Method with Static Analysis for Source Code Security in Web Applications

    Juan Ramón Bermejo Higuera1, Javier Bermejo Higuera1, Juan Antonio Sicilia Montalvo1, Tomás Sureda Riera2, Christopher I. Argyros3, Á. Alberto Magreñán4,*

    CMES-Computer Modeling in Engineering & Sciences, Vol.129, No.2, pp. 541-565, 2021, DOI:10.32604/cmes.2021.017213 - 08 October 2021

    Abstract Security weaknesses in web applications deployed in cloud architectures can seriously affect its data confidentiality and integrity. The construction of the procedure utilized in the static analysis tools of source code security differs and therefore each tool finds a different number of each weakness type for which it is designed. To utilize the possible synergies different static analysis tools may process, this work uses a new method to combine several source codes aiming to investigate how to increase the performance of security weakness detection while reducing the number of false positives. Specifically, five static analysis More >

  • Open Access

    ARTICLE

    Estimating Security Risk of Healthcare Web Applications: A Design Perspective

    Fahad A. Alzahrani*

    CMC-Computers, Materials & Continua, Vol.67, No.1, pp. 187-209, 2021, DOI:10.32604/cmc.2021.014007 - 12 January 2021

    Abstract In the recent years, the booming web-based applications have attracted the hackers’ community. The security risk of the web-based hospital management system (WBHMS) has been increasing rapidly. In the given context, the main goal of all security professionals and website developers is to maintain security divisions and improve on the user’s confidence and satisfaction. At this point, the different WBHMS tackle different types of security risks. In WBHMS, the security of the patients’ medical information is of utmost importance. All in all, there is an inherent security risk of data and assets in the field… More >

  • Open Access

    ARTICLE

    Fuzzy Based Decision-Making Approach for Estimating Usable-Security of Healthcare Web Applications

    Fahad A. Alzahrani*

    CMC-Computers, Materials & Continua, Vol.66, No.3, pp. 2599-2625, 2021, DOI:10.32604/cmc.2021.013124 - 28 December 2020

    Abstract Usability and security are often considered contradictory in nature. One has a negative impact on the other. In order to satisfy the needs of users with the security perspective, the relationship and trade-offs among security and usability must be distinguished. Security practitioners are working on developing new approaches that would help to secure healthcare web applications as well increase usability of the web applications. In the same league, the present research endeavour is premised on the usable-security of healthcare web applications. For a compatible blend of usability and security that would fulfill the users’ requirments,… More >

  • Open Access

    ARTICLE

    Hybrid Security Assessment Methodology for Web Applications

    Roddy A. Correa1, Juan Ramón Bermejo Higuera2, Javier Bermejo Higuera2, Juan Antonio Sicilia Montalvo2, Manuel Sánchez Rubio2, Á. Alberto Magreñán3,*

    CMES-Computer Modeling in Engineering & Sciences, Vol.126, No.1, pp. 89-124, 2021, DOI:10.32604/cmes.2021.010700 - 22 December 2020

    Abstract This study presents a methodology to evaluate and prevent security vulnerabilities issues for web applications. The analysis process is based on the use of techniques and tools that allow to perform security assessments of white box and black box, to carry out the security validation of a web application in an agile and precise way. The objective of the methodology is to take advantage of the synergies of semi-automatic static and dynamic security analysis tools and manual checks. Each one of the phases contemplated in the methodology is supported by security analysis tools of different… More >

  • Open Access

    ARTICLE

    Managing Security-Risks for Improving Security-Durability of Institutional Web-Applications: Design Perspective

    Abdulaziz Attaallah1, Abdullah Algarni1, Raees Ahmad Khan2,*

    CMC-Computers, Materials & Continua, Vol.66, No.2, pp. 1849-1865, 2021, DOI:10.32604/cmc.2020.013854 - 26 November 2020

    Abstract The advanced technological need, exacerbated by the flexible time constraints, leads to several more design level unexplored vulnerabilities. Security is an extremely vital component in software development; we must take charge of security and therefore analysis of software security risk assumes utmost significance. In order to handle the cyber-security risk of the web application and protect individuals, information and properties effectively, one must consider what needs to be secured, what are the perceived threats and the protection of assets. Security preparation plans, implements, tracks, updates and consistently develops safety risk management activities. Risk management must… More >

  • Open Access

    ARTICLE

    Dynamic Horizontal and Vertical Scaling for Multi-tier Web Applications

    Abid Nisar1, Waheed Iqbal1,*, Fawaz Bokhari1, Faisal Bukhari1, Khaled Almustafa2

    Intelligent Automation & Soft Computing, Vol.26, No.2, pp. 353-365, 2020, DOI:10.31209/2019.100000159

    Abstract The adaptive resource provisioning of cloud-hosted applications is enabled to provide a better quality of services to the users of applications. Most of the cloud-hosted applications follow the multi-tier architecture model. However, it is challenging to adaptively provision the resources of multi-tier applications. In this paper, we propose an auto-scaling method to dynamically scale resources for multi-tier web applications. The proposed method exploits the horizontal scaling at the web server tier and vertical scaling at the database tier dynamically to maintain response time guarantees. We evaluated our proposed method on Amazon Web Services using a More >

  • Open Access

    ARTICLE

    Benchmarking Approach to Compare Web Applications Static Analysis Tools Detecting OWASP Top Ten Security Vulnerabilities

    Juan R. Bermejo Higuera1, *, Javier Bermejo Higuera1, Juan A. Sicilia Montalvo1, Javier Cubo Villalba1, Juan José Nombela Pérez1

    CMC-Computers, Materials & Continua, Vol.64, No.3, pp. 1555-1577, 2020, DOI:10.32604/cmc.2020.010885 - 30 June 2020

    Abstract To detect security vulnerabilities in a web application, the security analyst must choose the best performance Security Analysis Static Tool (SAST) in terms of discovering the greatest number of security vulnerabilities as possible. To compare static analysis tools for web applications, an adapted benchmark to the vulnerability categories included in the known standard Open Web Application Security Project (OWASP) Top Ten project is required. The information of the security effectiveness of a commercial static analysis tool is not usually a publicly accessible research and the state of the art on static security tool analyzers shows… More >

Displaying 1-10 on page 1 of 8. Per Page