Description of Web Applications and Standalone Application - Coursework Example

CHAPTER 5 of Web applications and Standalone application School College Online System Project in C# Language. This is a simple web based system which is designed for schools for managing students’ details, parent’s details, fees payment, marks. It operates on a client - server model however in this instance, the server does the manipulation and then relays the data to the user. The system is better and accurate than manual system of the schools. Accuracy and security is enhanced and maintained easily. It will also be convenient since diversified users can use it anywhere at any time. How Client Server Model of Web based BI application works. A user logs on the system and opens a web browser. The client tries to traverses to a BI web page. The web server will display the user’s interface for the BI system. Once the request is sent to the web server from the web browser, web server succumbs this request to application server which will in turn submits the MySQL statements to the database. Database obtains the request and permits it to the RDBMS system which will analyze the MySQL commands and accomplishes the task. The outcomes is directed back to the application’s server which formats the results, generates and displays HTML or as an ASP.Net page to the user for this system via web browser. User case activities or Description. The system administrator will be able update and delete the whole information .i.e. all school information which includes user’s passwords, standard information, capability, administration etc. System administrator has the status of all member and can give permission to allow the member of this site. The System is very flexible which can accommodate the any feature later on which we want to add for update the site i.e.it can  provide the functionality like sending mails to faculty and principal Student can view profile after account creation Student will be able to view result, news, schedule, photo gallery. Parents as well are able view student profile, student attendances, and news for school, photo gallery, and exam time table. End users are able to see all information about school event and school result, information about school result, bifurcation of the student’s information, bifurcation of the student’s exam information End user can know about new events held in School, Results, and Rankers of the school This System has large scope for the online school management of all the students & school information.  This system will be able to store all information’s of the students with snap of the student.  This system store all information’s of the staff with snap of the staff.  System accepts user’s requests and controls information like student’s result. System will be able also provides inter messaging facilities for send messages to Principal and Faculty.  System will be able to provide enhance security facilities to give such user rights to protect from unapproved users. It generates password for login user like ‘admin’.  System will be able to give the all activities of student images.  System will be able to give the information about further study.  System will be able to give all detail information about school past history and present history. System will be able to all current news and activities. School Standalone/Desktop System in C# language A standalone application denotes to an application running on a desktop platform such as windows operating system or Mac OS platforms this is a simple desktop based application which is designed for schools for managing students’ details, parent’s details, payments school fee, and student exam result. The system uses client/ server model where the client acts as an individual computer and works with the acquired result set of data. The system is usually installed manually on the computer hosts for single user purposes. I.e. one user at a time i.e. platform dependency. Such a system is only accessible from one computer host or maybe if a local network is set on a close specific range to a specific number of computer hosts. The system is majorly used in administration purpose since it may not allow other user like student and parents to access their stored information from the system due to its locality. The clients acquires data from database(s) and then can work with it locally as illustrated below. The interaction description works as follows: The user will log onto the application as the client. The customer performs a request instruction and passes it to the RDBMS which will analyze the MySQL declaration and completes the task. The outcomes is directed back to the client That application will accepts data, organizes and scrutinize it. User case Scenario or Description. The system administrator will be able update and delete the whole information. I.e. all school information like user’s passwords. The system administrator can update and delete the whole information. System administrator has the status of all member and can give permission to allow the member of this site. The system will be able to store all information’s of the students with snap of the student.  The system will be able to store all information’s of the staff with snap of the staff.  System provides enhance security facilities to give such user rights to protect from unauthorized user. It creates password for other single login users like admin. The system is primarily used in the administrative purposes within the computers in the offices. CHAPTER 6 TESTING COMPARISON OF THE WB APPLICATION AND STANDLONE APPLICATION ON CONNECTON TO REAL DATABSE Compatibility Testing Compatibility testing is performed to evaluate whether an application runs as expected on a running environment that has various combinations of the following. I. Hardware II. Software III. Middleware. Some of the very important testing should be; a) Browser compatibility b) Operating system compatibility c) Mobile browsing d) Printing options. The web application developers do not know in which environment their application will land, therefore testing in all possible environments is essential. Testing should take place with different plug-in versions required by the web application. Without JavaScript it is impossible to obtain cross browser and cross platform consistency. Web application compatibility testing For the circumstance of web application, compatibility testing will have to uncover failures due to the usage of different Web server platforms or client browsers, and corresponding releases or configurations. Some applications are reliant on on browsers. Diverse browsers have dissimilar formations and sets that your web page ought to be compatible with. First, your system programming must be cross browser platform friendly. Such different browsers include; a) Internet explorer b) Firefox c) Safari d) AOL e) Opera mini browsers. The new technology age like mobile browsing should not be left out during testing, you should test the system accessibility on all mobile browser platform to determine the compatibility issues available. The huge variation of likely combinations of all the components involved in the execution of a Web application does not make it feasible to test them all; thus usually only the most common combinations are considered. As a concern, just a subset of likely compatibility failures might be uncovered. Both the application and the running environment can be responsible for compatibility letdowns. An over-all rule for eluding compatibility failures is to provide Web application users with appropriate information about the expected configuration of the running environment and with appropriate diagnostic messages to deal with any incompatibilities found. Compatibility testing for standalone applications. The desktop applications may have nothing more to consider for compatibility is concerned as like for the web applications. For asp.net to run on a computer, first you would be required to consider if the SDK is available and the dot net frameworks for the installed package to run smoothly. The framework for the local database should be in place to make it easy to query data from the tables. The hardware requirements that may be needed are like the; a) The RAM space i.e. 2GB RAM b) Hard disk space i.e. 4GB space for installation. Functionality Testing Functional Testing is yet another important area where testers understand the behaviour of a specific web or standalone application. Some of the major functionality techniques used and discussed below include; a) Check for all the associations in the system. b) Test for all forms in all pages. c) Cookies testing d) Validation of ASP.Net / HTML/CSS. e) Database testing. The principal advantage of this testing technique is it allows white box testing which are scrutinizing the code segments throughout the modules and test their functionality and whether it is in synchronization with the expected results. Research indicates that the white box testing technique uses the program code structure to ascertain that the test cases cover the logical paths in the program. The four key concepts in functionality testing which are known to be the Functional Testing Concept of Howden are; a) Precisely identify the domain of each input and each output variable. b) Select values from the data domain of each variable having important properties. c) Consider combinations of special values from different input domains to design test cases. d) Consider input values such that the program under test produces special values from the domains of the output variables. Once this aspect is derived that the web application follows the process flow, the testers know that the logic is correct and desired data output is achieved. Black box testing on the other hand concentrates on the input and output of the program and whether they are in line with the software requirement specification. The other advantage of the functional testing is the regression testing tools through which the testers do some forced errors in the program interface and checks how the program deals with it. Black box testing on the other hand concentrates on the input and output of the program and whether they are in line with the software requirement specification. The other advantage of the functional testing is the regression testing tools through which the testers do some forced errors in the program interface and checks how the program deals with it. This is an example of a functionality related variable. Black box testing on the other hand concentrates on the input and output of the program and whether they are in line with the software requirement specification. The other advantage of the functional testing is the regression testing tools through which the testers do some forced errors in the program interface and checks how the program deals with it. Functionality testing of Standalone Applications It is regularly at ease to implement functionalities in a desktop application, than in a web based application. The scheme of the standalone and web systems described in chapter 5 is made to look alike. This supports the users to identify and use mutually solutions. If any user has operated on one of the resolutions, it is easy for the individual to start using the supplementary. The desktop based systems runs on a Windows settings and the solutions Is to be developed in C# using dot Net framework. The application’s is database is self-determining and the statistics that the application will practice will be used as a ground for magnitudes in different OLAP database. A standalone or thick BI application mostly operates on the client/server model. The user works as a standalone computer to work with the attained sets of data. The desktop application is at ease to learn and the design is more pleasing to the user. The feeling of steadiness and has enhanced presentation than web systems. The desktop systems ‘implementation is improved in functionality mostly because it has more functionalities which makes it at ease to learn and the user can distinguish the functionality and structures from other systems.. Functionality testing for online Systems in relation to real database connections. This test is done on all the links in web pages, databases connections, forms used in the web pages for give in to or getting information from client, cookie testing. Database reliability is very important in web presentations. Crisscross for data reliability and errors as you oversee, alter the forms or fix any database related functionality. Crisscross whether all the database commands are performing correctly, data is retrieved correctly and also updated correctly. Testing the application by either enabling or disabling of cookies in browsers options. Test is done to determine if cookies are encoded formerly scripting to user machine. Web applications are centralized which makes them to be easier to update and deploy. The solitary constraint on the client is that the web browser is connected and that the users have an internet connection. The hardware on the server is regularly more powerful than the consistent user .i.e. a) Testing of all the forms which are integral part of any website. b) The forms are used to acquire facts from users and keep interaction with form. c) First you should crisscross all the authentication on each fields. d) Crisscross for the default values of parks. e) Incorrect participations to the parks in the forms. f) Decisions to create forms, if any, form delete, interpretation or update the forms. Web applications is also platform independent, that is, the same software is easily accessible through a web browser irrespective of the users’ operating systems. Web based systems uses a user/server model however in this situation the server does the algorithms and then relays the data to the user. a) To validate the site for asp.net syntax error. b) Check if the site is crawl able to different search engines. Security Testing Security testing for applications targets to authenticate the efficiency of the overall both Web and standalone application’s defenses against undesired access of unauthorized users, its capability to preserve system resources from improper use, and granting authorized users access to authorized services and resources. Application defenses have to provide protection mechanisms able to avoid or reduce damage due to intrusions, with costs that should be significantly less than damages caused by a security break. Application vulnerabilities affecting security may be contained in the program’s code, or in any of the hardware’s, software’s, and middleware’s components. Both the running environment and the application can be responsible for security failures. Some of the security testing techniques discussed below includes a) Access to applications. b) Data protections. c) Brute Force attacks. d) SQL Injection and XSS (cross site scripting.) e) Services access point. Web Applications’ Security testing Stress-free reachable application such as a web systems hints to additional safety hitches, consequently, hackers are able to use the web based programs to breach corporate systems and admittance controlled data. Some of the instances of security blemishes in a web applications are; a) Students Management application is insecure when the ‘admissions’ branch is able to edit the data of the ‘exams’ branch. b) The ERP system insecure when the data entry operator is able to create ‘reports’ c) An online shopping is not secure when the purchasers’ credit Card Detail is not encoded. d) A norm software possess insufficient safety if an SQL query recovers real password and its users. In the situation of web applications, diverse implementations and execution technologies, together with the very large number of possible users and the possibility of accessing them from anywhere, can make Web applications more vulnerable than traditional applications and security testing more difficult to accomplish. The test by pasting the internal URL straight into an address bar of the browser minus user authentications login, the inside pages should not open. Attempt roughly void inputs in the fields like login usernames, passwords id, and input text box. Crisscross the system reaction on an invalid inputs. Web directories should not be accessible unless quantified downloads choices. Assessment of SSl if it is used for safety actions. If so then appropriate messages should be shown when the user switch from no-secure and vice versa. The entire web application runs on a client server architecture. There has to be a request coming in from the client which the server responds in the form of sending the data across. In the process at hand are a percentage of activities going on like the client requesting data through HTTP protocol. There is always the chance of malicious codes being sent through the methods used for connecting from the client to the server. An immense safety risk surrounded by a web application includes Cross Site Scripting (XSS) and brute force attack. It is possibly the maximum common web application weakness. XSS denotes to an occurrence where the user submits malevolent HTML, which comprises of script codes to a non-static web systems. Through this kind of attack a hacker can “rip-off” another user’s session and use it before the assembly cookies do terminates. The hacker may be able to create a malevolent program that other client’s mistakenly implements when showing with dynamism the produced pages which creates content originating from the hacker. To bind this safety risk you can encrypt HTML Meta characters acquiescently. For example: Swap < with < and # with # You will requisite to see to that the program accomplishes validation on all titles, cookies, query threads, forms fields and concealed fields The use of GET and POST is the most common mechanism to communicate. The other methods like PUT, DELETE always are risky propositions and should be avoided It can be in the form of uploading an HTML page with hyperlinks which can redirect the user to a malicious website or login form from where the user’s confidential information can be obtained. Similarly the DELETE function puts the users at risk as important configuration files. Example would be the htaccess which can be deleted from the Apache server to get unauthorized access. Another method like the CONNECT can help hide or bypass important information over existing firewalls which are serious security issues. Testers should be having a guide as to the threat model and they need to check these in white box testing as they go about testing a segment of the code. In web applications, not even a single session, users’ requests a page and then misses the link to the server till a different page is entreated. The manner in which a web server retains trails of the clients using assembly cookies. The cookie exist in on the client side is able to alteration in order to hack the system Deductions to be pinched is that an online application undergoes extra security susceptibilities than desktop applications. Nonetheless, safeguarding the web application is valueless when the web server either in not secured. To protect an online applications, the surroundings that it works in has to be protected. The safety originates from having vulnerable server and systems. It is very significant to obligate the modern security reinforcements for system and programs on the server. The network server has to be in arrears of a well sustained firewall and scrutinized for hacking interference. Standalone applications Security Testing A desktop applications program ought to be protected not only concerning its’ admittance but also with respect to system of government and storage of its data. In a desktop application, authentication is performed on the users’ side to decrease network congestion and advance server usability. In client-server (standalone) settings, an uninterrupted session amid the users and server is sustained. The moment a user logs into a program, an uninterrupted connection services the client with statistics. Access to application is a technique which can be used to secure the systems. The safety is instigated by the “Roles and Privileges of Management” For example, the lectures role on the system should be just to enter student’s marks and comments on the examination results. Therefore all Menu, forms and screen associated to finance or any other panel should not be available to them. To test this, tester should create several accounts with different users as well numerous roles. Therefore he/she should use the application to with the aid of these accounts, should authenticate that each role has admittance to its particular components, display screen, system forms and menus only. A user should as well interpret or utilize only the data which he is hypothetically to use. This is certified by duties and privileges of the users. Conclusion If you are considering for a quicker and safer system with varied functionalities, you ought to pick out the desktop systems. This execution allows the program run with the complete control of the users’ mechanism. It is quicker than a web based program nevertheless the difference that really brands it better than a web application is the circumstance that it has extra functionality which rises its’ usability. When your core determination is to grasp numerous clients to have a relaxed sustained and stress-free organized application able to be retrieved from distant computers with diverse operating systems you should choose the web based systems. It take much time to execute an online system but in reoccurrence the application is stress-free to access and bear up with. This marks the web based applications appropriate when you ought to a number of clients operational at diverse locations. It is frequently challenging to protect an online application because neither is the system alone that has to be protected but also the server for example. It is similarly at ease for hackers to admittance an online site than a system on a mainframe. This marks it extra essential to contemplate safety matters while designing an online system. It is upon the designers to gaze at necessities then resolve which of the systems that fits the client best. For capabilities to resolve which elucidation usage, it is significant for the designers or programmers to deliberate with the clients whatever their choice is to be capable to handle their programs. Citation Nguyen, Hung Quoc. Testing applications on the Web: test planning for Internet-based systems. New York: Wiley, 2001. Print. Loranger, Hoa, and Jakob Nielsen. Usability of Flash applications and tools: design guidelines for Flash-based functionality on the Web. Fremont, CA: Nielsen Norman Group, 2004. Print Bennett, James. Practical Django projects. Berkeley, CA: Apress ;, 2008. Print. Wysopal, Chris. The art of software security testing: identifying software security flaws. Upper Saddle River, NJ: Vinay, Peter. Manage software testing. Boca Raton: Auerbach Publications, 2008. Print. Tian, Jeff. Software quality engineering: Testing, quality assurance, and quantifiable improvement. Hoboken, N.J.: Wiley, 2005. Print. Kan, Stephen H. Metrics and models in software quality engineering. Addison-Wesley Longman Publishing Co., Inc., 2002. Gao, Jerry, H. Tsao, and Ye. Wu. Testing and quality assurance for component-based software. Boston, MA: Artech House, 2003. Print. Pressman, Roger S., and Waman S. Jawadekar. "Software engineering." New York 1992 (1987). Read More