TESTING AND SECURITY IN DISTRIBUTED ECONOMETRIC APPLICATIONS REENGINEERING VIA SOFTWARE EVOLUTION

TESTING AND SECURITY IN DISTRIBUTED ECONOMETRIC APPLICATIONS REENGINEERING VIA SOFTWARE EVOLUTION Cosm TOMOZEI 1 Assstat-Lecturer, PhD C. Vasle Alecsadr Uversty of Bacău, Romaa Departmet of Mathematcs ad Computer Scece E-mal: cosm.tomoze@ub.ro Bogda PATRUT 2 Assocate Professor, PhD Vasle Alecsadr Uversty of Bacău, Romaa Departmet of Mathematcs ad Computer Scece E-mal: bogda@edusoft.ro Abstract: The objectve of ths paper s to preset the results gathered research, regardg the testg ad the securty assurace as key compoets of dstrbuted ecoometrc applcatos reegeerg. Cosequetly, the testg ad securty procedures wll be formally show order to brg to lght the robustess ad stablty of ecoometrc applcatos reegeerg. The W model for software testg reegeerg wll be as well exposed as oe of the cotrbutos. Aglty ad teratve features of software reegeerg are to be metoed, wth the teto of revealg ther use durg the lfecycle. Keywords: securty reegeerg; W testg model for reegeerg; dstrbuted applcatos. 1. Dstrbuted Applcatos Requremets ad Dyamcs through Reegeerg Dyamcs, as a mportat characterstc of dstrbuted applcatos s brought to lght by the software evoluto. Dstrbuted applcatos are costatly beg subjected to several types of trasformatos. They cosst of the updates of ther structures, such as the addto of ew modules or modfcatos other modules, so as the software applcatos does coform to the ew objectves they have to acheve. The evoluto objectves has a perpetual correspodet the evoluto of requremets. Evoluto of software s vewed lterature as the other the types of evoluto, such as huma evoluto, socal evoluto or ecoomc developmet. The desderata of stablty ad cocordace have to exst betwee chages busess processes ad chages software applcatos, doe by meas of software mateace or by reegeerg. The cocept of evoluto s defed Ecyclopaeda Brtaca, from a bologcal perspectve. The customzatos are made to preset ths cocept other ways ad for other sceces. I our pot of vew, software evoluto s cosdered to be the startg pot 583

the aalyss of reegeerg, partcularly whe talkg about dstrbuted software or about ecoometrc applcatos. Defto 1[1]: Evoluto s the bologcal theory that plats ad amals have ther orgs pre-exstg speces ad the dffereces that dstgush betwee them are due to chages that took place successve geeratos. I [3] evoluto s defed as a creatve cocept, a alteratve to Charles Darw s, by Her Bergso the work, Creatve Evoluto, publshed 1907. Accordg to ths theory, the evoluto s acheved due to the atural creatve mpulse ad huma motvato. Defto 2 [2]: Software evoluto s the sub doma of the software egeerg dscple that vestgates ways to adapt software to the ever-chagg user requremets ad operatg evromet. The spral software developmet model wth agle elemets that we used our reegeerg projects s observed ad t extracts the treds of future teratos. I ths way, reegeerg ad mateace become predctve processes, more easly to be uderstood ad cotued by developmet teams. Thus, certa aspects are provded advace. Therefore, the actvty of creatg ew software becomes a evolutoary process through successve stages of the projects evoluto. It becomes straghtforward the, to determe correlatos betwee the socal ad ecoomc developmets ad ther coverage dstrbuted software applcatos. Defto 3: The evoluto of software developmet s a scetfc ad techcal set of creatve pheomea. Creatvty ad wllgess to develop ew applcatos gve mpulses to specalsts to create sgfcat ad valuable cotrbutos the developmet of ew software systems, correspodg to the rapd ad cotuous chages the real world. Regardg the dyamcs of dstrbuted systems ad cosequetly of dstrbuted applcatos, ther evolutoary tred should be oted, whle systems cofgurato chages over tme. The successve stages of mateace ad reegeerg trasform the software etty, such way that after a certa umber of teratos, software applcatos are becomg very dfferet comparso to ther tal cofguratos. The spral developmet model wth agle elemets shows that the tegrato elemets of aglty applcato developmet cycle, software cofguratos are becomg more dyamc, so that the updates real-world busess processes are to be reflected the structure ad objectves of dstrbuted applcatos a shorter perod of tme. We beleve that the software developmet cycle should be defed correspodgly to the reegeerg cycle, so that each stage of the developmet cycle should have a couterpart the mplemetato of the reegeerg process. Ths wll offer to software applcatos hgher levels of mataablty ad adaptablty the future. Dstrbuted applcatos reegeerg s a evolutoary ad adaptve approach, whch corporates elemets from exstg IT systems ad applcatos that proved to be valuable for the orgazato over tme. These elemets wll the be tegrated ad exploted the ew stage of the system or dstrbuted applcato, by trasformato. I [4] the text ettes reegeerg s take to dscusso. By aalogy, we preset the cocept dstrbuted applcatos reegeerg wth the volvemet of the followg aspects: the defto of a ew objectve that has to be acheved, whch does ot dverge sgfcatly from the tal am of the dstrbuted applcato, but reflects a qualtatve leap the level of the outputs; 584

the exstece of a dstrbuted applcatos that s to be subject to the trasformato process; cosequetly, the compoets whch rema the structure ad the ew modules that should be troduced the structure should be determed, so that the results should detfy themselves wth a well-coagulated software; some classes ad objects rema the structure, others beg elmated ad others beg modfed order to acheve ew goals; furthermore, we formalze ths by the reegeerg fucto [5] whch s defed o the bass of the developmet fucto relatoshp (4) by updatg the modular structure of applcatos whch s subjected to reegeerg; the choce of approprate techologes so as to reegeer the etre software system; t cossts of the archtecture, dagrams, classes of objects, databases, relatoal tables, all cluded the ew structure of software; the establshg of practcal quattatve methods ad dcators for a precse measurg the qualty of each terato of the process such as egeerg, reverse egeerg ad reegeerg; afterwards the software system reaches ts fal form by beg teratvely trasformed; the accurate descrpto of the evaluato stages of the reegeerg lfe cycle for the effcet maagemet of the budget, people volved the project ad tme resources; the maagemet of rsks related to software reegeerg process; ths stage s mportat for the securty ad tegrty of the reegeerg projects ad cotrbutes to the qualty assessmet of the reegeerg process; the team composto, each team member wll have specfc tasks to be completed wth the project; each member of the reegeerg team becomes famlar wth the applcatos state-of-art ad curret techologes. Dstrbuted applcatos reegeerg s a complex process that presumes trasformatos ad updates to all the levels of software such as clet, busess logc ad database ter. The projects of reegeerg assume hgher costs ad log developmet duratos. Stll, reegeerg saves may facal resources ad besdes that, t reduces developmet costs ad keeps the valuable modules of software for a loger perod of tme. I dstrbuted applcatos reegeerg, the most commo cases are made of mgratos to ew versos. The eeds of such kd of projects are due to the followg premses: the emergece of ew felds of actvty, whch are to be reflected the software applcato, such as ecoomc growth, legslatve or tax chages or structural chages; the appearace of ew categores of goods ad servces, that are eeded to be offered to the customers; depedg o the operatg actvtes of the compay, t wll comply wth cosumer demads by offerg ew products volvg a hgh degree of ovato ad qualty; the materalzato of ew ways to deduct busess expeses, due to legal developmets ad chages facal accoutg; ew regulatos relatg to fxed captal deprecato, whch update the categores of goods that are repad, durato ad the methods of calculato; the eed to meet customers demad a shorter tme ad wth greater sutablty; creasg speed of respose to the demad appeared o the market s essetal to esure compettveess; 585

orgazatoal ad structural chages are compulsory to be reflected the computer system of the compay; The key elemet software reegeerg takes for grated the exstece of the orgal software, whch has proved ts value use over tme. Due to umerous updates ad phases of mateace, there s a suffcet lkelhood that soo the software wll o loger acheve the ecessary tasks, or hs errors wll exceed the establshed level of sgfcace. Ulke software developmet process that starts at the gree feld, wth the orgal vso of the developmet team, tervewg beefcares, determg objectves, determg the prelmary archtecture of the system by the tme he etered to servce, the reegeerg project assumes as a startg pot the aalyss of the exstg system the orgazato ad detecto of the problems t faces. As a result, the reegeerg team wll decde whch of the parts of the tal structure are gog to be kept the ew applcato ad whch of them are gog to be updated or deleted. The key pot of reegeerg s to reuse the valuable compoets or modules of the applcato. Aother key ssue the process of software reegeerg cossts of detfyg the optmal tmg of applcato, based o formula (1). For each of the teratos the developmet cycle a tme resource T ad a level of total cost CT are allotted. The equaltes gve the relatos (1) ad (2) preset these desderata. But for the mateace process to be effcet, the cost ad durato for the followg teratos of adaptve mateace have to be less or equal to the tme ad cost of the prevous teratos. T 1 >=T 2 >=...T...>=T -1 >=T (1) CT 1 >=CT 2 >=...CT...>=CT -1 >=CT (2) Each oe of the teratos wth the spral reegeerg model wth agle elemets reflects o the achevemet of a ew objectve. The ew objectve s reflected the requremets detfed by the software developmet process maagemet, due to the teractos wth the target group of the IT applcato. Ths s show also the algorthm Fgure 1. 586

-> CT,T, T +1 <= T 1 ad CT +1 <= CT YES Adaptve mateace NO Reegeerg STOP Fgure 1. The choce betwee adaptve mateace ad software reegeerg I fgure 1 t s preseted how the maagemet of the IT project decdes betwee the cotuato of the process of adaptve mateace for the dstrbuted applcato ad the startg of a ew project, whch cossts of software reegeerg. The dea of reegeerg s brought to lght because of the growg duratos ad costs of each adaptve mateace process, correspodgly to the ew objectves appeared user requremets. Therefore, after several stages of adaptve mateace, the complexty of the software applcato [13] s sgfcatly growg ad each of the ew users requremets egages addtoal costs ad more ad more tme resources. 2. Software compoets reuse the process of reegeerg The reuse of compoets costtutes the core elemet of the reegeerg process. The compoets already exstg the system have to coexst wth ew elemets added to the structure of the software etty. The reuse of compoets reegeerg s carred out mostly by the upgrade of ther exstg structure ad behavour. It s a lot more productve to update the compoets through the process of software refactorg [10], comparso to completely abadog them ad the to start the developmet process from the gree feld. I software developers commutes, t s ofte uderstood by reuse of compoets the meag of source code reuse. Ths pot of vew s partally correct, but a smplstc maer, because dstrbuted applcatos presume the exstece of may other compoets, wth the same mportace ad eed for reuse reegeerg. The reuse of compoets cosequetly mples trasformatos ad updates to the level of requremets, to the 587

archtectural level, to the level of detaled desg, to the level of ut testg ad the database ter, as well as the source code. The refactorg process takes to accout the exstg methods the classes of objects to gve them a hgh level of qualty, by detfyg ad removg duplcate sequeces of code, so - called software cloes. Refactorg has the role to provde a hgher degree modularty ad reusablty the followg teratos of software reegeerg. Whe talkg about the lfe cycle dstrbuted applcatos reegeerg, t s ecessary to detect code duplcato ad subject the software etty to refactorg, because eve from earler stages of the adaptve or correctve mateace, redudat elemets of varous types, such as classes of objects, methods, tables, or attrbutes, were added by method of copy / paste order to meet the ew requremets a relatvely short perod of tme. That aspect does greatly crease the complexty ad the redudacy of software. The reuse of compoets s based o the study ad prelmary uderstadg of the basc elemets exstg the applcato beg reegeered. Each oe of the data structures has to be detfed ad t should be determed how each data structure cotrbutes to the objectves of the applcato. Just after that, decsos about the update or elmato of data structures are to be made. However, these decsos also take to accout that all the work doe by specalsts s based o accurate requremets. The duplcato of code ad of the databases structures dstrbuted applcatos codto the growg of redudacy. Ths pheomeo s detfed ad mmzed through reegeerg. Most of the reegeerg process aalysed the commuty of specalsts [6] reported that duplcato of code has bee detected from 7% to 23%, whch extreme cases wet up to 59%. Ths s the reaso why sgfcat efforts have to be made for the detecto ad the mmzato of the level of code duplcato dstrbuted applcatos reegeerg projects. The process of code compacto s esured by source code refactorg. Havg a compact ad stable code s mportat because ths s mmzg the volume of operatos performed ad reduces the umber of calls of the default method as well. Ths process has great mportace smplfyg the class graph of the dstrbuted applcato. Hece a much clearer pcture of the class type ettes ad teractos betwee them s developed. Because chages made the code by refactorg process are reflected the archtecture ad system desg, ad vce versa, t s desrable to always mata the lk betwee archtecture ad actual mplemetato. The dcator of code duplcato reflects the umber of duplcated source code ettes dvded by the total umber of ettes from the source code ad t s defed as: Idc 1 k ClassDup 1 Class m j 1 j 1 1 j 1 k MetDup p Met j 1 j 1 1 j 1 k m p AttrDup where: I dc s the dcator of code duplcato ClassDup represets classes are duplcated the dstrbuted computg applcato; Class represet classes of objects wth the dstrbuted computg applcato Attr j j (3) 588

MetDup j s the duplcated method j from the class ; AttrDup j s the duplcated attrbute j from the class ; s the umber of duplcated classes of objects dstrbuted applcato; m s the umber of class methods ad attrbutes of objects duplcated; k represets the total umber of classes the dstrbuted applcato; t s the umber of duplcate methods wth the classes. Ths dcator has bee take to accout the process of reegeerg the twostage least squares dstrbuted ecoometrc applcato for regresso aalyss. I cosequece, the umber of code les has bee reduced ad several methods were correctly parameterzed by refactorg. However, ecoometrc applcatos developmet the correctess of ecoometrc algorthms comes o the frst place, ad just after the obtag of correct coeffcets of lear models developers have to pass through the source code optmzato by refactorg. The trasto of the ecoometrc applcato from the tal phase to a dstrbuted evromet s descrbed (4), cocered beg o the evoluto objectves ad modules. m m 1 Re egeerg 2 Dev Mo Obj Obj Dev Mo Mo Obj Obj 1 1 1 2 (4) 2 1 1 1 1 1 where: Mo are the dstrbuted applcato modules after the frst terato of process 1 reegeerg Dev s the developmet fucto of the spral model wth agle elemets; s the umber of modules of the applcato after the frst terato of reegeerg; m s the umber of applcato modules, troduced durg the secod terato of the reegeerg process; Mo applcato modules are dstrbuted result after the secod terato of the 2 reegeerg process; Obj targets are operatoal, dstrbuted as a result of the applcato process 2 reegeerg software that are tegrated to the ultmate objectve of the applcato; 2 Obj s the ultmate am of applcato stage 2 as a arthmetc sum of other objectves. Qualty assurace strateges of dstrbuted applcatos are very mportat reegeerg. Each oe of the updates are beg spected ad certfed through testg. I the ext secto, accordgly, the W testg model for reegeerg wll be defed ad descrbed. 3. The W Testg Model for Reegeerg If the process of reegeerg starts a mostly theoretcal way, by the determato of requremets ad demads, suddely aspects regardg the study ad testg of the exstg software applcato are brought to the play. Ital predctve test are made, for the team to effcetly uderstad the behavour ad the structure of the 589

applcato. I addto to ths, behavoural ad structural tests are also beg defed by the reegeerg team. The tal tests are carred out by the team of specalsts, whle aalyzg the exstg formato system or software applcato for the determato of the systems behavour based o the establshed factors from requremets. It s also ecessary that the steps of reegeerg dscussos ad tervews take place betwee the reegeerg team ad the target group of users. The deas ad objectves determed through the tervews ad the prelmary dscussos are the bass of the black box testg phase. Black-box testg cossts of a collecto of predctve methods, techques ad procedures used the aalyss of exstg software, whch s to be subjected to the reegeerg process order to determe the behavour ad utlzato patters. These tests provde a objectve vew o the IT applcato. I [7] there s metoed that black-box tests detfy the applcatos behavour, ad black box tests are used order to determe bugs the hgh-level operatos as well as the overall fuctoalty of the tested software. Testg the behavour of the software applcato requres a uderstadg of the doma, ad how software cotrbutes ad models the actvtes wth the orgazato. The hgher level of desg s uderstood by the team of IT project ad black-box test cases are detfed. Every test case s placed correspodece wth the actvtes of the target group of users. I the case of dstrbuted ecoometrc applcatos for two-stage least squares regresso aalyss, t s show that the developmet team as well as the teams of mateace ad reegeerg must have sold kowledge of statstcs ad ecoometrc methods ad the way to mplemet them programmg laguages. Later the project, aspects about how to tegrate the modules dstrbuted applcatos are to be carred out, by meas of reegeerg. For dstrbuted ecoometrc applcatos dscussos ad tervews are carred out as the geeral case of software reegeerg. There are group dscussos ad tervews wth the users order to determe the essetal elemets of ther teracto wth the software. These clude the followg tasks to be acheved by the reegeerg team: the tervewg of users about the types of problems they solve wth the help of the exstg ecoometrc applcato; they descrbe the elemets of statstcs ad ecoometrcs cosstg of the defg of problems whch have to be solved ad the way whch the ecoometrc problems are tegrated to the exstg applcato; to get the users descrpto of the types of data sets, here the test team checks the geeral types of data sets, the maxmum umber of data seres, the maxmum umber of exogeous varables cluded the regresso model, the valdato of the data sets; the way whch the target group of user are dealg wth the fuctoaltes of the exstg applcato; the reegeerg team follows the huma applcato teractos, ad the way whch each member of the target group reaches hs ecoometrc or statstcal objectves; what the users opos about the applcato whch s subjected to the aalyss are ; f they are pleased regardg the durato of the operatos, ad how the users perceve the ways of mprovg of the exstg applcato; 590

the uusual aspects determed the applcatos hstory; the target group of users tell to the reegeerg team about the problems had the past, the use of the software applcato, ad also about the ways ad duratos of solvg of the detfed problems; get the users opos about the qualty of the applcato; the target group s formed of specalsts statstcs ad ecoometrcs, ad they have the kowledge to share wth the developmet team, regardg whch other statstcal or ecoometrc algorthms are eeded to be mplemeted the applcato; I fgure 2 there are preseted the stages of the dstrbuted ecoometrc applcato testg durg the process of reegeerg, tegrated the W testg model based o the V model preseted [7]. Fgure 2. W testg model for software reegeerg I the dstrbuted ecoometrc applcato for two-stage least squares regresso aalyss, there are some mportat aspects, both for black-box, beravor, testg ad for the whte-box, structural testg. Frst of all, the testers have to defe the ecoometrc problem, that has to be solved through the software. The defg of the problem presumes the descrpto of the data etered the regresso model, the umber of exogeous varables, the umber of data seres. They have the possblty to eter the data by had, by completg the tables appeared o the web page or by readg t from bary or XML fles. Sometmes, geerators lear models ca also be used for defg the seres of data more rapdly. 591

Secodly, the testg of correctess of the coeffcets determed from the model s prepared, by usg the two-stage least squares method, ad cosequetly the two-stage least squares algorthm. The testers are to determe whether the etered data s correctly statated large scale matrces ad f the calculatos are made correctly. If there are ay errors of readg the data from the fles, they are recogzed ad exemplfed by the testers. Aother mportat aspect s the determato of the exact code sequeces that geerated the results of the calculato of coeffcets. The testers troduce several seres of data repettvely order to see whether the applcato s stable ad whether t reflects the modfcatos made the seres of data etered aga. The computato of the error [11], [12] from the regresso model ad the aalyss of the error are tested, order to determe whether the error s set betwee the acceptable lmts. I (5) ad (6) the formulae for the computg of the error ad ts lmts are preseted. Err y yˆ (5) where: Err represets the error term from the seres of data from the regresso model; y represets the edogeous, depedet varable of the seres of data from the regresso model; ŷ represets the estmated edogeous varable; LmIf Err LmSup (6) where: LmIf represets the lower lmt of the error; LmSup the upper lmt of the error; The testg procedure cotues wth the computg of the resdual sum of squares [11], from (7) whch represets the uexplaed varace of the model; SSR 2 ( y yˆ ) (7) 1 where: SSR represets the resdual sum of squares; represets the ftted value for each observato; ŷ represets the umber of data seres from the model; After the computato of the resdual sum of squares, the testg procedure goes o to the computg of the total sum of squares, as total varace of the depedet varable, preseted (8), [11] ad (9). where: y SST 1 y 1 y y 1 2 (8) (9) 592

SST s the total sum of squares; y s the average of the depedet varable; The explaed sum of squares s defed as the explaed varace of the model ad reflects the sum of the dffereces betwee the ftted values ŷ ad the average of the depedet varable ad s preseted (10) 1 2 yˆ y SSE (10) The test case wll cotue by checkg whether the total sum of squares s equal to the sum of the explaed sum of squares ad the resdual sum of squares, show the relato (11); SST = SSE + SSR; (11) The ext step cossts of the computg of the coeffcet of determato R 2 preseted (12) ad whether t belogs to the terval [0,1]. 2 R SSE / SST 1 SSR / SST (12) Addtoal aspects related to how the results are saved bary fles, XML fles or databases are also tested, order that the data should be used aga the future. The testg team checks f the data s correctly saved ad whether there are ay coverso errors geerated by the software durg the seralzato ad deseralzato procedures. All of the relevat aspects determed the testg stage are take to accout for the trasformato process. The recogto ad solvg of computg ssues esures that the process of reegeerg wll ga effcecy ad wll offer a hgher level of qualty to the software applcato. The test cases are also reflectg upo the securty aspects of the applcato. However, the followg secto, several securty ssues dstrbuted applcatos developmet wll be descrbed. 4. Securty assurace dstrbuted ecoometrc applcatos developmet I dstrbuted applcatos reegeerg the securty assurace s a very mportat elemet, whch has always bee serously cosdered. The work dstrbuted evromets such as computer etworks ad the sharg of formato through the Iteret has to otfy the presece of threats ad dagers. I our case, due to the techology mplemeted the two-stage least squares dstrbuted applcato for ecoometrcs, t s compulsory to assure that the data ad the software are protected a approprate maer. Whe users wat to access the webstes of the dstrbuted ecoometrc applcato they have to pass through the authetcato procedure. They have the possblty to create a user accout, ad after that to log for beg redrected the ma page. Asp.NET forms authetcato s used for reachg the authetcato process, wth all the elemets provded by.net Framework [9] ad Wdows Server 2008. Before the 593

reegeerg process, the applcato dd ot have ay authetcato procedures defed, sce t had t bee projected for the dstrbuted evromet. The process of reegeerg trasformed t radcally to a dstrbuted applcato wth specal eeds, such as cocurret access, authetcato, authorzato ad cryptography. Cosequetly, custom methods for defg the process of forms authetcato have bee talzed, due to the target groups requremets. The ecrypto of cofgurato fles has also bee acheved for the dstrbuted ecoometrc applcato, ad t was straghtforwardly doe by meas of the.net Framework, just through the addto of specal drectves for securty. Before the ecrypto, the coecto strgs secto from the cofgurato fles looked lke fgure 3. The evoluto of requremets brought a evoluto the applcatos cofgurato securty, so as the cofgurato fles ad the password table to become ecrypted. <coectostrgs> <add ame="coectoutlz" coectostrg="data Source=.\SQLEXPRESS;Ital Catalog=phdresearch2;Itegrated Securty=True;Poolg=False" /> <add ame="phdresearch2coectostrg" coectostrg="data Source=PROGRAMARE03-PC\SQLEXPRESS;Ital Catalog=phdresearch3;Itegrated Securty=True" provdername="system.data.sqlclet" /> </coectostrgs> Fgure 3. Web.cofg coecto strgs secto After the wrtg of the ecrypto method preseted fgure 4 ad [8], trasformatos are suddely made for obtag the results show fgure 5. The coecto strgs secto from the web cofgurato fle specfes that there are two databases tegrated the applcato. The reasos for the tegrato of two databases are the fact that the ecoometrc applcato uses a database dstrbuted by replcato. 594

prvate vod EcryptCoectoStrg() { System.Cofgurato.Cofgurato cofg = WebCofguratoMaager.OpeWebCofgurato("~"); CofguratoSecto CoectCofgSecto = cofg.getsecto("coectostrgs"); f (CoectCofgSecto!= ull &&!CoectCofgSecto.IsReadOly() &&!CoectCofgSecto.SectoIformato.IsProtected &&!CoectCofgSecto.SectoIformato.IsLocked ) { CoectCofgSecto.SectoIformato.ProtectSecto("DataProtectoCofguratoProvd er"); CoectCofgSecto.SectoIformato.ForceSave = true; cofg.save(cofguratosavemode.full); } else { CoectCofgSecto.SectoIformato.UprotectSecto(); CoectCofgSecto.SectoIformato.ForceSave = true; cofg.save(cofguratosavemode.full); } } Fgure 4. Asp.Net C# ecrypto method The method form fgure 4 uses a cofgurato object defed the System.Cofgurato amespace ad the System.Cofgurato.Cofgurato class. I the method, there s also specfed that the secto from the web cofgurato fle whch wll be ecrypted s the coecto strgs secto. The securty provder for dog the ecrypto s DataProtectoCofguratoProvder ad t mplemets Wdows Data Protecto Ap. The key dea s that [8] the Wdows Data Protecto Ap does ot allow the exportg of ecrypto keys, ad cosequetly the applcato has to ru o just a sgle server, whch s good for our case. If t s ecessary to work o multple applcato servers the DataProtectoCofguratoProvder has to be replaced by RSAProtectedCofguratoProvder whch use a RSA publk key cryptography algorthm. 595

<coectostrgs cofgprotectoprovder="dataprotectocofguratoprovder"> <EcryptedData> <CpherData> <CpherValue>AQAAANCMd8BFdERjHoAwE/Cl+sBAAAAWqz2wxtwUucSbHUAfMTwQA AAACAAAAAAAQZgAAAAEAACAAAACU+WAl43JVod9aEOcmhjHJ6DOKgX6vlsQTzj1dF+Vr waaaaaogaaaaaiaacaaaabietj4pxyzffxzz4fzjorijjhsoe5xvogemm57qafaacyglu +4k+6k7WjtQe7Q2FzEXo5Or8A0s7LMQpHxQg1Nh/r0EVDHu4etudMBkGNgrwbC7kLu rkfr7kst3afozo85bb3xdc0fkmdltvd995mgauiwkvh4f4kdgtkqu4u/okpbmgcrkhd6uv mf30jcnvtitepmqwdm1rc7ziotjgt0j5asx+da8tc0ojkvsgphs8ryrg+nauyu7ejj3b MPTxNCHZGFx/vgG/qcsfXvRThsdzGRkDL8VRFJF+v0hIdqIGrg2g+VFQkbIQ7aHD/Kwk21xEpv Lv7ZComc+FZuF58c4fB6ZJEAg9VI5/ybBjCls7aOsIHBX2+EYMUDuZ1qlRh0bStwjWIbGG7G FrzWRHUAMx/Xj3YpK3bRIqmuw8+6/xXvxgNgNeTQVdusUj6PksHqbFv4hdcPSdFPuCG6l Fq9+IkkmCkYMvZ+ODg3GtcEtbr4W4EHz2kHRP2CDmqoNChtYq5FrxlgXfXuB44X4+6PBes wsgwrn0dl9wfafrrnbbzqrucwezqe/mufvx4x5joqj6dqravvsbbaccfyjbhvky0qp0mte7 DaQtWFKaIjqT3H45I56t58NNLC2HDSR9QcZYxLcOyBR/MOAmQQqQPIGkvGkM2sFeY 32+5s4WlJrGmw8e/dB+fBGw6R0rcBBw9vNNmyYJJFoUMXh+QLOe6U4ZlWvWml8h02RlQ 1ofpxpkcF+Y/DZ2ZYXYeVaUYwxupjCrKdIf99vDGqTxv6CP4N7W0AX1UAqes4es/TSOSl DZA5HAHcDKrDcD2LTU/XEOGjtHgYgcGkUMLdrC5d7DxE/a2bjcIVY9shyjd8I+4Dm4raPQ CtjCb5IdLml3fxEjGQBJRYE7l2EN+Zz3mVTFEGBVbDeHjgSSAtfSg+JMzxj6A5UbUWmqXy7 K5UV1TeQThQu+McpwElJrKafkP41LQtkOeqXzpQBjqehgZByf1lkpqkS5BG1eYqzH1K/urfB0G KQE7Y4jraakBMNpJKOrLTLjNNEaLeu9GbVmZBhUHLboUVZvGJhWX7OevT3oQD+cDsl5 umxw+uqvtc+rs5lllzadhtmhvueopa12coygedvskc2oqb6hkexpjx0sxwxr2ybugmobi6jj 6lgZBzhKObCBtW9ypBwOBovVIpLZ8WZjGWuXHxIqPW4IlTP2QWT1BxJx9x0SUvN/zsr6ejWf 0Ow1ZlMvP+9xTHVmQSBfwDOjSLjrAmypx9ajMhR60VcvgDhTWbwHoHgWwq4QNx2eB+Bw +U331asYQxFG8l9L+uoNc46OZp5ASUHFgl1fL+kvCGdgIhwUdj8eRX/D2qGljLYAEE5 wxliq2uexwan56ict+ycwcxaxsx1s4ii1vlvswboe+cy0z/abfs/uxwum4b8uby4fzrrasvxyj jo/tuacv58ectlq+vowyotey/mwt+byg/a34duqjx8clhsyjm+ucnyayxair5bhvaoiecl 66HtSqENLTXjD3eWQuDHbUFErgCYwg0fIs93OtzPtA2MLS4yzR8l8jaBJhdCuhgf8gdsDvLdYZ VfbEJKhP6VRZel0g4IF5rkwsq/SelQ+AaEzoJhWVCB/t/FHLoCzIGamI7cZxB7VY+yXmBXgMKU ZdP8e5fCAFDdotVPhgacJOP91Q3WuyJ5hMz8EIJYNz22pK6q9hSoQgMhqSQAAAAP4FsZ NdxtrdAZUjvCX5ve49csGV1XuYHBLOO+MJKE/3J9aGVQqkhYhT/SQtQLS6qECtD69BUjaJr Z44LGSes=</CpherValue> </CpherData> </EcryptedData> </coectostrgs> Fgure 5. Web.cofg wth ecrypted coecto strgs secto I fgure 5 the ecrypted secto of coecto strgs from the cofgurato fle s preseted. Potetal hackers caot coect to the databases ad access the data, because of the ecrypto of the coecto strgs. The oly mache whch ca decrypt the above code s the server o whch the applcato rus o. Attackers may wat to break the server, but t s very dffcult, because Wdows Server 2008 s oe of the most secure servers ever bult. Aother very mportat thg dstrbuted applcatos developmet s the mplemetg of parameterzed SQL Commads ad stored procedures. I dstrbuted 596

ecoometrc applcatos, the work wth the SQL commads has to be doe wth maxmum of care, because hackers may wat to forge dettes ad delete the data from tables. Aother mportat dager whch has to be preveted s the SQL Ijecto Attack. Both of the dagers are preveted by sold authetcato ad authorzato procedures ad usg correct parameters SQL commads. The ext terato of reegeerg supposes movg to Wdows Commucato Foudato ad to tegrate the exstg modules of the applcato WCF Servces. Whe talkg about Wdows Commucato Foudato securty aspects we have to take to accout the trasport level securty ad message level securty. Each oe of the above metoed securty drectos are mportat for the developmet of relable ecoometrc software as dstrbuted applcatos. I ths case data set by messages betwee servces dstrbuted evromets s as well ecrypted. To coclude, we may say that securty reegeerg tegrates tself the IT reegeerg project ad offers a hgher level of cofdece the use ad admstrato of the dstrbuted ecoometrc applcato. 5. Coclusos To sum up, ths paper has descrbed the objectves acheved by the authors the feld of dstrbuted applcatos developmet for ecoometrcs. Ths desderatum of the reegeerg presumed the defg of ew strateges of testg, whch are dfferet from the oes metoed the usual testg model, due to the startg pot of the project, whch cossts of the actve applcato, beg subjected to reegeerg. We defed our ow dcators ad metrcs so as to determe the geeral mage of the exstg software applcato, whch has bee subjected to reegeerg. Cosequetly, the qualty assessmet became more effcet ad the reegeerg team had the opportuty to get a more accurate mage about the work eed to be doe the followg stages of the IT project. Securty reegeerg mples the study ad optmzato of the etre software etty at all levels. Furthermore, securty reegeerg does offer ew securty strateges cocerg the software product, such as archtecture, desg, source code ad database ter. Mgratg to ew techologes, such as WCF supposes that mportat chages are made the securty polces, o the bass of the tegrato of huma readable applcatos to mache to mache commucato over dstrbuted systems. 6. Refereces [1] Ecyclopaeda Brtaca ole, 2010, www.brtaca.com [2] Mes T, Demeyer S. Software Evoluto, Sprger, 2008, ISBN 978-3-540-76439- 7. [3] Bergso, H. Creatve Evoluto, Hery Holt ad Compay, New York, 1911, ISBN 0-486-40036-0. [4] Iva, I., Popa, M., Tomoze, C. Regera ettaţlor text, Revsta Romaa de Iformatca ş Automatca, vol.15 r.ii, 2005 pp. 15 28, ISSN 1220-1758. 597

[5] Tomoze, C. Hypertext Ettes Sematc Web-Oreted Reegeerg, Joural of Appled Quattatve Methods, vol.iii r. 1, 2008, pp. 9-19,ISSN 1842-4562. [6] Koschke, R. Idetfyg ad Removg Software Cloes, Software Evoluto, Sprger, 2008, pp. 15 36, ISBN 978-3-540-76439-7. [7] BLACK, R. Crtcal Testg Processes: Pla, Prepare, Perform, Perfect, Addso Wesley, 2003, ISBN 0-201-74868-1. [8] Wldermuth, S., Blomsa, M., Wghtma, J. Mcrosoft.NET Framework 3.5 ADO.NET Applcato Developmet, Mcrosoft Press, 2009, ISBN 978-0- 7356-2563-1. [9] Northrup, N. Mcrosoft.NET Framework 3.5 Applcato Developmet Foudato, Mcrosoft Press, 2009, ISBN 978-0-7356-2619-5. [10] Felds, J., Harve, S., Fowler, M., Black, K. Refactorg, Ruby Edto, Addso Wesley, 2010, ISBN-13: 978-0-321-60350-0 [11] Wooldrdge, J.M., Itroductory Ecoometrcs, A Moder Approach, South Wester Cegage Learg, 2009, pp. 506-546, ISBN-13: 9780324581621. [12] Wooldrdge, J.M Ecoometrc Aalyss of Cross Secto ad Pael Data, The MIT Press, 2002, ISBN 0-262-23219-7. [13] Patrut, B., Padele, I. How to Compute the Refereces Emergeces a Hyper-ecyclopedya, Recet Advaces Systems Egeerg ad Appled Mathematcs. S WSEAS cofereces Istabul, Istabul, 2008 p.72-75, ISBN 978-960-6766-91-6, ISSN 1790-2769. 1 Cosm TOMOZEI s Uversty Assstat - Lecturer at the Mathematcs ad Computer Scece Departmet from Faculty of Sceces of the Vasle Alecsadr Uversty of Bacau. He s a PhD caddate from October 2007 at Ecoomc Iformatcs Departmet from Academy of Ecoomc Studes, Bucharest. He holds a Master Scece - Databases - Busess Support from the Academy of Ecoomc Studes, Bucharest. He graduated Ecoomc Iformatcs at Faculty of Ecoomc Cyberetcs, Statstcs ad Iformatcs 2006. Hs ma research areas are: object oreted programmg, fuctoal programmg Lsp ad F#, software reegeerg ad dstrbuted applcatos developmet. He s the author of 27 peer revewed scetfc papers. 2 Bogda PATRUT (b. Jue 16, 1969) receved hs BSc Iformatcs (1994), MSc Dstrbuted Programmg (1996), PhD Accoutg ad Busess Iformato Systems (2007) from Al. I. Cuza Uversty of Ias, Romaa, ad PhD Iformatcs (2008) from "Babes-Bolya" Uversty of Cluj-Napoca. Now he s assocate professor of formatcs at Mathematcs ad Computer Scece Departmet, Faculty of Sceces, "V. Alecsadr" Uversty of Bacau, Romaa. Hs curret research terests clude dfferet aspects of Artfcal Itellgece. He has (co- )authored 23 books ad more tha 20 papers, more tha 10 cofereces partcpato, member Iteratoal Program Commttee of 4 cofereces ad workshops. 598