IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

An Integrated Secure Software Engineering Approach for Functional, Collaborative, and Information Concerns

An Integrated Secure Software Engineering Approach for Functional, Collaborative, and Information Concerns
View Sample PDF
Author(s): J. A. Pavlich-Mariscal (Pontificia Universidad Javeriana, Colombia), S. Berhe (University of Connecticut, USA), A. De la Rosa Algarín (University of Connecticut, USA)and S. Demurjian (University of Connecticut, USA)
Copyright: 2014
Pages: 39
Source title: Handbook of Research on Emerging Advancements and Technologies in Software Engineering
Source Author(s)/Editor(s): Imran Ghani (Universiti Teknologi Malaysia, Malaysia), Wan Mohd Nasir Wan Kadir (Universiti Teknologi Malaysia, Malaysia)and Mohammad Nazir Ahmad (Universiti Teknologi Malaysia, Malaysia)
DOI: 10.4018/978-1-4666-6026-7.ch015

Purchase

View An Integrated Secure Software Engineering Approach for Functional, Collaborative, and Information Concerns on the publisher's website for pricing and purchasing information.

Abstract

This chapter explores a secure software engineering approach that spans functional (object-oriented), collaborative (sharing), and information (Web modeling and exchange) concerns in support of role-based (RBAC), discretionary (DAC), and mandatory (MAC) access control. By extending UML with security diagrams for RBAC, DAC, and MAC, we are able to design an application with all of its concerns, and not defer security to a later time in the design process that could have significant impact and require potentially wide-ranging changes to a nearly completed design. Through its early inclusion in the software design process, security concerns can be part of the application design process, providing separate abstractions for security via new UML diagrams. From these new UML diagrams, it is then possible to generate security policies and enforcement code for RBAC, DAC, and MAC, which separates security from the application. This modeling and generation allows security changes to have less of an impact on an application. The end result is a secure software engineering approach within a UML context that is capable of modeling an application's functional, collaborative, and information concerns. This is explored in this chapter.

Related Content

Babita Srivastava. © 2024. 21 pages.
Sakuntala Rao, Shalini Chandra, Dhrupad Mathur. © 2024. 27 pages.
Satya Sekhar Venkata Gudimetla, Naveen Tirumalaraju. © 2024. 24 pages.
Neeta Baporikar. © 2024. 23 pages.
Shankar Subramanian Subramanian, Amritha Subhayan Krishnan, Arumugam Seetharaman. © 2024. 35 pages.
Charu Banga, Farhan Ujager. © 2024. 24 pages.
Munir Ahmad. © 2024. 27 pages.
Body Bottom