Quantitative Assessment Of The Modularization Of Security Design Patterns With Aspects

Quantitative Assessment of the Modularization of Security Design Patterns with Aspects

Author : Crystal C. Edge

Publisher :

Page : 262 pages

File Size : 38,42 MB

Release : 2010

Category :

ISBN :

Get eBook

Book Description

Following the success of software engineering design patterns, security patterns are a promising approach to aid in the design and development of more secure software systems. At the same time, recent work on aspect-oriented programming (AOP) suggests that the cross-cutting nature of software security concerns makes it a good candidate for AOP techniques. This work uses a set of software metrics to evaluate and compare object-oriented and aspect-oriented implementations of five security patterns---Secure Base Action, Intercepting Validator, Authentication Enforcer, Authorization Enforcer, and Secure Logger. Results show that complete separation of concerns was achieved with the aspect-oriented implementations and the modularity of the base application was improved, but at a cost of increased complexity in the security pattern code. In most cases the cohesion, coupling, and size metrics were improved for the base application but worsened for the security pattern package. Furthermore, a partial aspect-oriented solution, where the pattern code is decoupled from the base application but not completely encapsulated by the aspect, demonstrated better modularity and reusability than a full aspect solution. This study makes several contributions to the fields of aspect-oriented programming and security patterns. It presents quantitative evidence of the effect of aspectization on the modularity of security pattern implementations. It augments four existing security pattern descriptions with aspect-oriented solution strategies, complete with new class and sequence diagrams based on proposed aspect-oriented UML extensions. Finally, it provides a set of role-based refactoring instructions for each security pattern, along with a proposal for three new basic generalization refactorings for aspects.



Information Security in Diverse Computing Environments

Author : Kayem, Anne

Publisher : IGI Global

Page : 380 pages

File Size : 34,66 MB

Release : 2014-06-30

Category : Computers

ISBN : 1466661593

Get eBook

Book Description

"This book provides the latest empirical research and theoretical frameworks in the area of information security, presenting research on developing sufficient security measures for new environments by discussing challenges faced by researchers as well as unconventional solutions to these problems"--Provided by publisher.



Fundamental Approaches to Software Engineering

Author : Dimitra Giannakopoulou

Publisher : Springer

Page : 476 pages

File Size : 21,44 MB

Release : 2011-03-14

Category : Computers

ISBN : 3642198112

Get eBook

Book Description

This book constitutes the refereed proceedings of the 14th International Conference on Fundamental Approaches to Software Engineering, FASE 2011, held in Saarbrücken, Germany, March 26—April 3, 2011, as part of ETAPS 2011, the European Joint Conferences on Theory and Practice of Software. The 29 revised full papers presented together with one full length invited talk were carefully reviewed and selected from 99 full paper submissions. The papers are organized in topical sections on verification, specification and modeling, reachability and model checking, model driven engineering, software development for QoS, testing: theory and new trends, testing in practice, code development and analysis, and empirical studies.





Encyclopedia of Information Science and Technology, Third Edition

Author : Khosrow-Pour, Mehdi

Publisher : IGI Global

Page : 7972 pages

File Size : 50,8 MB

Release : 2014-07-31

Category : Computers

ISBN : 1466658894

Get eBook

Book Description

"This 10-volume compilation of authoritative, research-based articles contributed by thousands of researchers and experts from all over the world emphasized modern issues and the presentation of potential opportunities, prospective solutions, and future directions in the field of information science and technology"--Provided by publisher.





Just Enough Software Architecture

Author : George Fairbanks

Publisher : Marshall & Brainerd

Page : 378 pages

File Size : 36,12 MB

Release : 2010-08-30

Category : Computers

ISBN : 0984618104

Get eBook

Book Description

This is a practical guide for software developers, and different than other software architecture books. Here's why: It teaches risk-driven architecting. There is no need for meticulous designs when risks are small, nor any excuse for sloppy designs when risks threaten your success. This book describes a way to do just enough architecture. It avoids the one-size-fits-all process tar pit with advice on how to tune your design effort based on the risks you face. It democratizes architecture. This book seeks to make architecture relevant to all software developers. Developers need to understand how to use constraints as guiderails that ensure desired outcomes, and how seemingly small changes can affect a system's properties. It cultivates declarative knowledge. There is a difference between being able to hit a ball and knowing why you are able to hit it, what psychologists refer to as procedural knowledge versus declarative knowledge. This book will make you more aware of what you have been doing and provide names for the concepts. It emphasizes the engineering. This book focuses on the technical parts of software development and what developers do to ensure the system works not job titles or processes. It shows you how to build models and analyze architectures so that you can make principled design tradeoffs. It describes the techniques software designers use to reason about medium to large sized problems and points out where you can learn specialized techniques in more detail. It provides practical advice. Software design decisions influence the architecture and vice versa. The approach in this book embraces drill-down/pop-up behavior by describing models that have various levels of abstraction, from architecture to data structure design.



Real-Time Systems Design and Analysis

Author : Phillip A. Laplante

Publisher : Wiley-IEEE Press

Page : 392 pages

File Size : 32,94 MB

Release : 1997

Category : Computers

ISBN :

Get eBook

Book Description

"IEEE Press is pleased to bring you this Second Edition of Phillip A. Laplante's best-selling and widely-acclaimed practical guide to building real-time systems. This book is essential for improved system designs, faster computation, better insights, and ultimate cost savings. Unlike any other book in the field, REAL-TIME SYSTEMS DESIGN AND ANALYSIS provides a holistic, systems-based approach that is devised to help engineers write problem-solving software. Laplante's no-nonsense guide to real-time system design features practical coverage of: Related technologies and their histories Time-saving tips * Hands-on instructions Pascal code Insights into decreasing ramp-up times and more!"



SOA Design Patterns

Author : Thomas Erl

Publisher : Pearson Education

Page : 1020 pages

File Size : 13,16 MB

Release : 2008-12-31

Category : Computers

ISBN : 0138158193

Get eBook

Book Description

In cooperation with experts and practitioners throughout the SOA community, best-selling author Thomas Erl brings together the de facto catalog of design patterns for SOA and service-orientation. More than three years in development and subjected to numerous industry reviews, the 85 patterns in this full-color book provide the most successful and proven design techniques to overcoming the most common and critical problems to achieving modern-day SOA. Through numerous examples, individually documented pattern profiles, and over 400 color illustrations, this book provides in-depth coverage of: • Patterns for the design, implementation, and governance of service inventories–collections of services representing individual service portfolios that can be independently modeled, designed, and evolved. • Patterns specific to service-level architecture which pertain to a wide range of design areas, including contract design, security, legacy encapsulation, reliability, scalability, and a variety of implementation and governance issues. • Service composition patterns that address the many aspects associated with combining services into aggregate distributed solutions, including topics such as runtime messaging and message design, inter-service security controls, and transformation. • Compound patterns (such as Enterprise Service Bus and Orchestration) and recommended pattern application sequences that establish foundational processes. The book begins by establishing SOA types that are referenced throughout the patterns and then form the basis of a final chapter that discusses the architectural impact of service-oriented computing in general. These chapters bookend the pattern catalog to provide a clear link between SOA design patterns, the strategic goals of service-oriented computing, different SOA types, and the service-orientation design paradigm. This book series is further supported by a series of resources sites, including soabooks.com, soaspecs.com, soapatterns.org, soamag.com, and soaposters.com.