IET Software
Volume 13, Issue 3, June 2019
Volumes & issues:
Volume 13, Issue 3
June 2019
-
- Source: IET Software, Volume 13, Issue 3, page: 171 –171
- DOI: 10.1049/iet-sen.2019.0105
- Type: Article
- + Show details - Hide details
-
p.
171
(1)
- Author(s): Victor Muntés-Mulero ; Oscar Ripolles ; Smrati Gupta ; Jacek Dominiak ; Eric Willeke ; Peter Matthews ; Balázs Somosköi
- Source: IET Software, Volume 13, Issue 3, p. 172 –181
- DOI: 10.1049/iet-sen.2018.5295
- Type: Article
- + Show details - Hide details
-
p.
172
–181
(10)
Industry in all sectors is experiencing a profound digital transformation that puts software at the core of their businesses. To react to continuously changing user requirements and dynamic markets, companies need to build robust workflows that allow them to increase their agility in order to remain competitive. This increasingly rapid transformation, especially in domains such as Internet of things or cloud computing, poses significant challenges to guarantee high-quality software, since dynamism and agile short-term planning reduce the ability to detect and manage risks. In this study, the authors describe the main challenges related to managing risk in agile software development, building on the experience of more than 20 agile coaches operating continuously for 15 years with hundreds of teams in industries in all sectors. They also propose a framework to manage risks that consider those challenges and supports collaboration, agility, and continuous development. An implementation of that framework is then described in a tool that handles risks and mitigation actions associated with the development of multi-cloud applications. The methodology and the tool have been validated by a team of evaluators that were asked to consider its use in developing an urban smart mobility service and an airline flight scheduling system.
- Author(s): Charidimos Chaintoutis ; Marialena Akriotou ; Charis Mesaritakis ; Ioannis Komnios ; Dimitris Karamitros ; Alexandros Fragkos ; Dimitris Syvridis
- Source: IET Software, Volume 13, Issue 3, p. 182 –186
- DOI: 10.1049/iet-sen.2018.5291
- Type: Article
- + Show details - Hide details
-
p.
182
–186
(5)
In an environment where cyber attacks are increasing, both in frequency and complexity, novel ways to shield data, users, and procedures have to be envisioned. Physical unclonable functions (PUFs) are the physical equivalent of one-way mathematical transformations with the exception that their inherent physical complexity renders them resilient to cloning. One interesting deployment scenario includes PUFs as random key generators. The deterministic nature of their operation alleviates the necessity to store the keys in non-volatile means. Along the same lines, blockchain is inherently resistant to modification of the data once stored while their overall security depends on the quality and secrecy of users’ keys. Here, the authors propose a novel optical PUF implementation that can be combined with private blockchain modalities in order to cyber-harden Internet of things ecosystems. PUF-related experimental results are presented, alongside implementation scenarios.
- Author(s): Katherapaka Sudhakar ; M.A.H. Farquad ; G. Narshimha
- Source: IET Software, Volume 13, Issue 3, p. 187 –194
- DOI: 10.1049/iet-sen.2018.5258
- Type: Article
- + Show details - Hide details
-
p.
187
–194
(8)
Cloud computing is used to connect several number of remote servers through Internet to accumulate and recover large data anywhere and anytime. As of the conventional privacy defending process, there is a possibility for malevolent assault on the sensitive information accumulated in the cloud. In this research, the authors have proposed a competent large data convert among privacy defending by Hadoop map reduce in the cloud. The procedure exploits fuzzy C-means clustering (FCM) algorithm grouping the data. For dimensionality reduction, map reduce framework will be used. In evaluation module, the recommended technique performed with the aid of K-nearest neighbour (KNN) classification algorithm in this phase using KNN technique to check the convolution process based on the threshold value, which is improving the utility of the privacy data. The consequence acquired illustrates that authors’ proposed scheme has enhanced the clustering exactness and also accomplishes the effectual convolution procedure to improve the privacy. From the experimental results, the proposed research achieved an effective clustering accuracy 76.07% and the existing K-means approach gets the clustering accuracy of 73.5% which is minimum value when compared to the proposed researches. The suggested technique is implemented in JAVA with Cloud Sim platform.
- Author(s): Xabier Larrucea ; Izaskun Santamaria ; Ricardo Colomo-Palacios
- Source: IET Software, Volume 13, Issue 3, p. 195 –202
- DOI: 10.1049/iet-sen.2018.5294
- Type: Article
- + Show details - Hide details
-
p.
195
–202
(8)
Healthcare systems have been improved in order to provide support to cross-border situations where one citizen from one country travels to another country and requires the use of their health records. Several initiatives have been carried out to tackle this problem. This is the case for the OpenNCP which is supported by the European Commission by providing a common network and an infrastructure to connect different national healthcare systems which most of the times are cloud-based systems. The OpenNCP plays a key role in communicating health records among European Union's member states, and therefore it manages sensitive information. Therefore, this study provides a security analysis of this platform and a prototype is developed for identifying secure patterns in source code.
- Author(s): Pantelis Natsiavas ; Christine Kakalou ; Konstantinos Votis ; Dimitrios Tzovaras ; Nicos Maglaveras ; Vassilis Koutkias
- Source: IET Software, Volume 13, Issue 3, p. 203 –210
- DOI: 10.1049/iet-sen.2018.5292
- Type: Article
- + Show details - Hide details
-
p.
203
–210
(8)
In this study, the requirements elicitation approach employed in the context of the KONFIDO project is presented. KONFIDO introduces a technical paradigm for secure and interoperable cross-border health data exchange by leveraging novel approaches and cutting-edge technologies, such as homomorphic encryption and blockchains. Being a key part of the overall user requirements engineering methodology, requirements elicitation focused on producing high-level, end-user goals following a systematic procedure. First, the main business processes were identified based on the project's pilot scenarios. These business processes were the subject of a threat analysis, which identified the respective assets and a list of security risks/threats. Threats were further elaborated, considering the outcome of relevant projects and applicable best practices/standards. As a result, a set of user goals were identified and analysed in detail. Finally, a meta-analysis of the produced goals against the employed information sources was applied, highlighting the importance of standards as a guide for defining requirements, as well as the complexity concerning the interdependencies among the elaborated business processes, assets, threats, and user goals. As the deployment of the technical solution may be cloud-based, implications and challenges imposed by the adoption of cloud computing in this setting are also presented.
- Author(s): Erkuden Rios ; Eider Iturbe ; Xabier Larrucea ; Massimiliano Rak ; Wissam Mallouli ; Jacek Dominiak ; Victor Muntés ; Peter Matthews ; Luis Gonzalez
- Source: IET Software, Volume 13, Issue 3, p. 213 –222
- DOI: 10.1049/iet-sen.2018.5293
- Type: Article
- + Show details - Hide details
-
p.
213
–222
(10)
Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679, GDPR) and security assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security mechanisms definition, enforcement and control, including evidence collection. This study presents a novel DevOps framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any) and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security level objectives in the system service level agreement and in their continuous monitoring and enforcement at runtime.
- Author(s): Deepak Garg ; Jagpreet Sidhu ; Shalli Rani
- Source: IET Software, Volume 13, Issue 3, p. 223 –231
- DOI: 10.1049/iet-sen.2018.5222
- Type: Article
- + Show details - Hide details
-
p.
223
–231
(9)
Cloud Computing (CC) has gained popularity in industry and academia. CC is implemented by the industries on a large scale. Still, a lot of efforts in research for cloud computing are required. Improving security helps in abolishing the major problems of a domain. Therefore, research and development in security techniques are required. It is important to state the existing status of research. As publications are practically multiplying since 2008, a bibliometric analysis is a need of the hour. This study provides a comprehensive view of cloud security for a relevant time frame. Total 15,591 publications related to security of CC were investigated based on the Scopus database. This study analyses research publications on various parameters such as (i) publishing patterns (e.g. contributing authors, affiliations), (ii) analysis of common key terms, (iii) key term bunching to identify domain of interest, (iv) citation patterns, (v) publications medium, and (vi) researchers who aid in exploring research productivity in this specific domain. It analyses the literature based on the quantitative features and characteristics of cloud security based on meta-perspectives. The proposed analytical study will serve as an important tool for significant debate on future research schemas.
Guest Editorial: Security and Privacy in Cloud-based Systems
Agile risk management for multi-cloud software development
Optical PUFs as physical root of trust for blockchain-driven applications
Effective convolution method for privacy preserving in cloud over big data using map reduce framework
Assessing source code vulnerabilities in a cloud-based system for health systems: OpenNCP
Requirements elicitation for secure and interoperable cross-border health data exchange: the KONFIDO study
Service level agreement-based GDPR compliance and security assurance in (multi)Cloud-based systems
Emerging trends in cloud computing security: a bibliometric analyses
Most viewed content
Most cited content for this Journal
-
Progress on approaches to software defect prediction
- Author(s): Zhiqiang Li ; Xiao-Yuan Jing ; Xiaoke Zhu
- Type: Article
-
Systematic review of success factors and barriers for software process improvement in global software development
- Author(s): Arif Ali Khan and Jacky Keung
- Type: Article
-
Empirical investigation of the challenges of the existing tools used in global software development projects
- Author(s): Mahmood Niazi ; Sajjad Mahmood ; Mohammad Alshayeb ; Ayman Hroub
- Type: Article
-
Feature extraction based on information gain and sequential pattern for English question classification
- Author(s): Yaqing Liu ; Xiaokai Yi ; Rong Chen ; Zhengguo Zhai ; Jingxuan Gu
- Type: Article
-
Early stage software effort estimation using random forest technique based on use case points
- Author(s): Shashank Mouli Satapathy ; Barada Prasanna Acharya ; Santanu Kumar Rath
- Type: Article