Listing by author "Simon, Daniel"
1 - 7 of 7
- Journal article: Fuzzing: Testing Security in Maintenance Projects (Softwaretechnik-Trends: Vol. 32, No. 2, 2012) Simon, Frank; Simon, Daniel. Frank Simon, Daniel Simon, SQS Software Quality Systems AG, Stollwerckstraße 11, 51149 Cologne, Germany. Email: frank.simon|daniel.simon@sqs.com. Abstract: New trends in IT industry impose increasingly requirements on openness and interoperability via networks to enterprise software systems. As a consequence, more and more legacy applications are made available via interfaces more openly through mobile and insecure networks, thereby inducing security risks the initial designs have never had to account for. In this paper, we show how a highly automatable black-box method called fuzzing for testing security can be integrated into testing processes to increase interfaces of legacy application in terms of security profiles. tem for mobile communication as example has not only to be tested for its own but might motivate deeper testing of directly connected components. For a more systematic view on these implicit testing adjustments testing can be refined into four steps (a more general approach can be found in [2]): 1. Identification of test objects (What artefacts relevant for project success?) 2. Identification of quality attributes (What properties should the artefacts have?) 3. Determination of corresponding test activities to ensure artefacts having particular attributes 4. Clustering of test activities into test stages that can be executed in conjunction. This paper focuses the following aspect: Adding new interfaces creates new test objects as well as it produces new or at least adjusted priorities for quality attributes requiring additional test activities on all test stages. Quality attributes for software can be taken from ISO 25000 family of standards [3]. In particular when adding new service interfaces to legacy applications the first time, security should be seen as one of the top priorities.
Security is defined in the ISO 25010 standard as the Degree to which a product or system protects information and data so that persons or other products or systems have the degree of data access appropriate to their types and levels of authorization.
- Journal article: Geschäftsarchitektur — EAM-Kontext- oder Gestaltungsvariable? (Wirtschaftsinformatik & Management: Vol. 5, No. 3, 2013) Simon, Daniel
- Journal article: Integrating IT Portfolio Management with Enterprise Architecture Management (Enterprise Modelling and Information Systems Architectures - An International Journal: Vol. 8, No. 2, 2013) Simon, Daniel; Fischbach, Kai; Schoder, Detlef. The management of information technology (IT) as a business has become a crucial factor in today’s complex and dynamic environments. Many firms thus have implemented IT portfolio and enterprise architecture (EA) management practices, and academic research has paid increasing attention to these concepts. However, their integration seems poorly substantiated; this article therefore seeks to answer two main questions: (1) What are differences and common characteristics of IT portfolio and EA management, and in what way can they be integrated? and (2) what factors and types might describe an integrated process design of EA management and project portfolio management in particular? To answer these questions, this study synthesises previous research and surveys EA practitioners to propose an EA management process map, as well as three descriptive factors and four clusters, which provide an integrated process design with project portfolio management. The interrelations with organisational aspects and software tool support are also explored. This article thereby clarifies and systematises the subject area while also offering advice for researchers and practitioners.
- Conference paper: Ein iterativer, eigenmotivierter Regelkreis zur Einführung von Code-Quality-Management innerhalb der Raiffeisen Bausparkasse GmbH Wien (Software archeology and the handbook of software architecture, 2008) Simon, Frank; Simon, Daniel; Madjari, Andreas. The introduction of code quality management (CQM), i.e. systematically creating transparency about and optimising the technical aspects of large IT systems, is becoming increasingly relevant for economic and risk-related reasons. The path to such successful CQM, however, is difficult and laborious in every new project: a major risk lies in the lack of consensus-oriented agreement on the criteria along which CQM is advanced, as well as in involving management prematurely with regard to achieved or hoped-for results. This paper describes the controlled and successful use of CQM at Raiffeisen Bausparkasse GmbH Wien. At its core is an iterative, self-motivated control loop that systematically builds the team's agreement and thereby also enables greater management involvement. Today this loop enables efficient CQM at Raiffeisen Bausparkasse GmbH Wien. Some of the results achieved can even be quantified in this paper, and valuable added benefits beyond pure CQM were also identified.
- Journal article: Legal Aspects in Software Maintenance (Softwaretechnik-Trends: Vol. 33, No. 2, 2013) Euteneuer, Sven; Draws, Daniel; Simon, Daniel; Kolany, Barbara. Sven Euteneuer, Daniel Draws, Daniel Simon, SQS Software Quality Systems AG, Stollwerckstraße 11, 51149 Cologne, Germany, sven.euteneuer|daniel.draws|daniel.simon@sqs.com. Barbara Kolany, Institut für Informations-, Telekommunikations- und Medienrecht, Zivilrechtliche Abteilung, Leonardo-Campus 9, 48149 Münster, Germany, barbara.kolany@uni-muenster.de. Abstract: In this paper we summarise the lessons learnt from our EU research project TIMBUS that deals with digital preservation. Digital preservation aims at ensuring continued access to digital information over time or technology changes and as such affects and utilises software design, development and maintenance (cf. [1]). There are numerous technical challenges to be considered for both successful digital preservation and software maintenance, but even if these technical challenges are solved, there are more hurdles along the way: not only technical but also legal aspects have to be considered. The legal fields of interest in the European Union comprise Intellectual Property (IP) Rights, taking Directive 96/9/EC Database Directive (Legal protection of databases) [3]; Directive 2001/29/EC - Information Society Directive (Aspects of copyright and related rights) [4]; Directive 2009/24/EC - Computer Programs Directive (Legal protection of computer programs) [5]; and Directive 2006/116/EEC Copyright Duration Directive [6] into consideration; Data Protection regulations, taking Directive 95/46/EC The Data Protection Directive [7] into account; Legal obligations for preserving data in various sectors (i.e., ensure the continued access to certain information even in face of migrations); and IT contracting issues, e.g., license agreements; contracts between producers and users of software and/or data; escrow agreements. Typical tasks of maintenance and reengineering affected by the above mentioned legal frameworks and regulations are, amongst others: the reproduction of software ('copying'); the adaption, translation and arrangement of software; the digitalisation of analogue documents; the renewal and change of data carrier; the conversion of data; the migration, porting, emulation of software and/or data [8]; dealing with databases; and licensing and sourcing contracts.
- Journal article: Ein Qualitätsmodell für digital preservierte Objekte beim Reengineering (Softwaretechnik-Trends: Vol. 31, No. 2, 2011) Simon, Frank; Simon, Daniel
- Journal article: Statische Code-Analyse als effiziente Qualitätssicherungsmaßnahme im Umfeld eingebetteter Systeme (Softwaretechnik-Trends: Vol. 27, No. 2, 2007) Simon, Daniel