A Framework for Software Engineering Secured Applications

Linked Agent
Albalooshi, Fawzi , Thesis advisor
Language
English
Extent
[1], 14, 80 pages
Place of institution
Sakhir, Bahrain
Thesis Type
Thesis (Master)
Institution
University of Bahrain ,College of Information Technology
English Abstract
Cybercriminals appeared as technology advances to target software for unethical needs, leading to the cyber division's creation to counter back. Developed software requires skilled and knowledgeable software engineers aware of the cyber division's security rules to secure their source code. This thesis aims to examine and study the rules set by one of the world-leading cyber security divisions and analyze what other researchers have concluded to solve the attacks occurring due to inadequate security practices in the developed software. It also shows the importance of these security rules when engineering any software. As technology advances, risks increase. The thesis implements a prototype developed with AngularJS JavaScript language. The prototype functionalities consist of regular expressions that analyze the entire source code statically and dynamically. Those functionalities optimize the code, generate a report with tips and provide a minification uglification ability for the source code to obscure it. The results of the prototype are analyzed to see its reliability, validity, and limitations. Futuristic works would be expanding the tool capabilities to assess other source code languages, add more security checks such as file uploads and text sanitization or break the report into finer details. The prototype was used to assess open-source JavaScript codes: jQuery, Moment.js, and RabbitsVsFoxes.js from the GitHub repository as case studies to evaluate their structure and identify any possible weaknesses, good practices, and how the prototype helps. The tool showed that securing source code has great advantages of performance improvement aside from removing security flaws and securing the source code. The tool also showed that in popular open-source code libraries that many firms use, it is important to avoid using the normal source codes and use the obscured versions for security and performance concerns. This thesis's contribution falls in gathering essential details from every angle and aspect on software security concerns from one aside through literature reviews and analyzing guidelines set by the cyber division and how to counter them. On the other hand, providing a simple, easy-to-use prototype and accessible online tool requires no installation supporting JavaScript language covering different security aspects.
Identifier
https://digitalrepository.uob.edu.bh/id/e760962f-c18b-415a-a0e8-415f5a8d8ec4
https://digitalrepository.uob.edu.bh/id/e760962f-c18b-415a-a0e8-415f5a8d8ec4