Wednesday, May 25, 2005

Assignment 4: Article Review

Writing Secure Web Applications
http://www.advosys.ca/papers/web-security.html#log

Based on what we have learned about the majority of the web using the LAMP architecture, the security problems that this article points out make it a very useful resource for everyone to go back and read. Even with these risks being documented across the internet and having even caused damage to sites, it is still very easy to just be a lazy programmer and not make sure that every security hole is fixed. Perhaps one reason these security flaws are not always at the top of one’s to-do list is that with web applications, an individual can quickly make the change if someone finds the flaw. This way of thought, though, is obviously not correct, as financial loss could be a hard hit to face. I feel that the article best sums up this fact in its summary regarding closing the “barn door.” Security needs to be covered on all fronts, from the roof to the floor, so that the barn can be completely secured. Why even bother with the rest if you're going to leave the door open to do whatever a hacker would want to!

How to Conduct a Heuristic Evaluation
http://www.useit.com/papers/heuristic/heuristic_evaluation.html

This paper is a very interesting read and discusses how Heuristic Evaluation improves the evaluation benefits in both cost and finding usability issues. Usability issues, the paper says, cannot all be discovered no matter how good an individual evaluator is or how many evaluators you have. It comes out to be a fine balance of cost and usability improvements on the web site in the evaluation process. The number that the paper noted for where the cost benefits and issues found balance was 5 testers. I am interested in whether other research shows different results in this balance based on different test groups. Still, though, I see how the balance of more people looking at the entire website and not being stuck in one spot would allow more issues to be found, as each person would be able to see the site from a different viewpoint. Once the number of group members grows, from my own team experience, the results become a much slower process, so I do agree with the concept of this balance.
