A Software Development Methodology for Secure Web Application

In recent years, there has been a demand for Web applications with complex functions. In addition, most web applications efficiently manage data based on databases. While the key and critical dimension of developing these Web applications is analysis and design, most object-oriented analysis and design methods do not have a consistent view of the database. In addition, Java Enterprise Edition (EE) -based technologies are used in Web application implementations, but they do not provide any correlation with the database. On the other hand, as users' demands for security increase, security becomes more important. To this end, Java EE and database systems provide security solutions. However, it does not provide any correlation with object-oriented analysis and design methodology. As a result, it is difficult to develop secure web applications in a consistent way from analysis to implementation. In this paper, we propose a consistent software development methodology from analysis to implementation of secure web applications. The proposed software development methodology for web application development uses UMLsec, a security-emphasized modeling language, and object-relational (O-R) mapping for relational database design. It also uses Java servlets and SQL to implement analysis and design results based on role-based access control (RBAC). The software development methodology for the secure web application proposed in this paper has been applied to the development of the online banking system, from the design stage of the user's requirements analysis to the implementation of the web application

Object-oriented views: a novel approach for tool integration in design environments (dissertation)

Object-oriented databases have been proposed to serve as the data management component of integrated design environments. One central database represents a bottleneck, however, requiring all design tools to work on the same information model and preventing the extensibility of the system over time. In this dissertation, I propose a view-based object server that successfully addresses these problems by supporting design views tailored to the needs of individual design tools.A view on an object-oriented schema corresponds to a virtual subschema graph with restructured generalization and property decomposition hierarchies. I present a methodology for supporting multiple view schemata, called MutliView. MultiView is anchored on the following four ideas: (1) the customization of individual classes using object algebra, (2) the integration of these derived classes into one global schema graoh, (3) the extraction of virtual and base classes from the global schema as required by the view, and (4) the generation of a class hierarchy for these selected view classes. MutliView's division of view specification into these well-defined tasks, some of which have been successfully automated, makes it a powerful tool for supporting the specification of views by non-database experts while enforcing view consistency.In this dissertation, I describe solutions for all four tasks underlying MultiView. For the first task, I have formulated class derivatin operators modeled after the well-known relational algebra operators. For the second task, I have developed a classification algorithm that automatically integrates derived classes into one global schema. For the third task, I have designed a view definition language that can be used to declaratively specify the view classes required for a particular view. For the last task, I have developed an algorithm that generates a complete, minimal and consistent view schema. I present proofs of correctness, complexity analysis, and numerous illustrative examples for all algorithms.MultiView is applied to address the tool integration problem in a behavioral synthesis system. For this purpose, I first develop a unified design object model for behavioral synthesis. I then formulate customized design views of this model tailored to the needs of particular design tools. The resulting system allows the design tools to work on their view of the information model, while MultiView assures the consistent integration of the diverse design data into one object model

An Intelligent System for Investigations and Provision of Safety for Complex Constructions

Methodology of computer-aided investigation and provision of safety for complex constructions and a prototype of the intelligent applied system, which implements it, are considered. The methodology is determined by the model of the object under scrutiny, by the structure and functions of investigation of safety as well as by a set of research methods. The methods are based on the technologies of object-oriented databases, expert systems and on the mathematical modeling. The intelligent system’s prototype represents component software, which provides for support of decision making in the process of safety investigations and investigation of the cause of failure. Support of decision making is executed by analogy, by determined search for the precedents (cases) with respect to predicted (on the stage of design) and observed (on the stage of exploitation) parameters of the damage, destruction and malfunction of a complex hazardous construction

Using Scenario for building hypermedia systems

ABSTRACT This paper proposes a (SHDM, scenario-based hypermedia design methodology). The methodology consists of five phases: domain analysis, object modeling, navigation design, implementation design, and construction. Users' requirements are analyzed with a responsibility-driven technology using scenarios. Object-oriented views are generated as the result of object modeling, and then used for the subsequent navigation and implementation design. The implementation design phase deals with database schema, page structure and flow, and user interface. The SHDMTool is built to effectively support design phases. A repository based on IRDS standard is developed to integrate different hypermedia design methodologies. The SHDM integrates enterprise databases with distributed hypermedia systems such as internet, intranet, electronic commerce, and virtual enterprise

Defining and using road network data in an accident database

This thesis proposes improvements to the design of road accident databases typically used by local authorities in England. The present design tends to lead to inconsistencies in the information relating to the road network contained in the database. A methodology for the redesign of the database is proposed which will lead to greater data integrity and provide additional and more detailed information. The advantages of the system are demonstrated by producing accident predictive relationships for sharp bends and minor junctions. The design has been carried out in the context of a relational database system incorporating data from a geographical information system. The advantages of an object-oriented system are also considered and proposed as a direction for further research

The M*-object methodology for information system design in CIM environments : the organisation analysis phase

M*-OBJECT is a methodology for information system analysis, design and implementation developed for CIM environments. It is based on an object-oriented approach and it covers in-depth analysis of static and dynamic aspects of the CIM information system. M*-OBJECT is made of three major phases : organisation analysis, conceptual design and implementation design. The organisation analysis phase provides a structured set of requirements. The conceptual design phase provides executable formal specifications of the information system. The implementation design phase provides the implementation description of necessary databases. Each phase is supported by a dedicated model and set of guidelines which can be computerised. This article focuses on the organisation analysis phase for which an organisation model based on the concepts of agent, event, function (process and activity) and component is proposed

Kernel arquitecture for CAD/CAM in shipbuilding enviroments

The capabilities of complex software products such as CAD/CAM systems are strongly supported by basic information technologies related with data management, visualization, communication, geometry modeling and others related with the development process. These basic information technologies are involved in a continuous evolution process, but over recent years this evolution has been dramatic. The main reason for this has been that new hardware capabilities (including graphic cards) are available at very low cost, but also a contributing factor has been the evolution of the prices of basic software. To take advantage of these new features, the existing CAD/CAM systems must undergo a complete and drastic redesign. This process is complicated but strategic for the future evolution of a system. There are several examples in the market of how a bad decision has lead to a cul-de-sac (both technically and commercially). This paper describes what the authors consider are the basic architectural components of a kernel for a CAD/CAM system oriented to shipbuilding. The proposed solution is a combination of in-house developed frameworks together with commercial products that are accepted as standard components. The proportion of in-house frameworks within this combination of products is a key factor, especially when considering CAD/CAM systems oriented to shipbuilding. General-purpose CAD/CAM systems are mainly oriented to the mechanical CAD market. For this reason several basic products exist devoted to geometry modelling in this context. But these basic products are not well suited to deal with the very specific geometry modelling requirements of a CAD/CAM system oriented to shipbuilding. The complexity of the ship model, the different model requirements through its short and changing life cycle and the many different disciplines involved in the process are reasons for this inadequacy. Apart from these basic frameworks, specific shipbuilding frameworks are also required. This second layer is built over the basic technology components mentioned above. This paper describes in detail the technological frameworks which have been used to develop the latest FORAN version.Postprint (published version

Implementing imperfect information in fuzzy databases

Information in real-world applications is often vague, imprecise and uncertain. Ignoring the inherent imperfect nature of real-world will undoubtedly introduce some deformation of human perception of real-world and may eliminate several substantial information, which may be very useful in several data-intensive applications. In database context, several fuzzy database models have been proposed. In these works, fuzziness is introduced at different levels. Common to all these proposals is the support of fuzziness at the attribute level. This paper proposes first a rich set of data types devoted to model the different kinds of imperfect information. The paper then proposes a formal approach to implement these data types. The proposed approach was implemented within a relational object database model but it is generic enough to be incorporated into other database models.ou