59,339 research outputs found
A Framework for Evaluating Model-Driven Self-adaptive Software Systems
In the last few years, Model Driven Development (MDD), Component-based
Software Development (CBSD), and context-oriented software have become
interesting alternatives for the design and construction of self-adaptive
software systems. In general, the ultimate goal of these technologies is to be
able to reduce development costs and effort, while improving the modularity,
flexibility, adaptability, and reliability of software systems. An analysis of
these technologies shows them all to include the principle of the separation of
concerns, and their further integration is a key factor to obtaining
high-quality and self-adaptable software systems. Each technology identifies
different concerns and deals with them separately in order to specify the
design of the self-adaptive applications, and, at the same time, support
software with adaptability and context-awareness. This research studies the
development methodologies that employ the principles of model-driven
development in building self-adaptive software systems. To this aim, this
article proposes an evaluation framework for analysing and evaluating the
features of model-driven approaches and their ability to support software with
self-adaptability and dependability in highly dynamic contextual environment.
Such evaluation framework can facilitate the software developers on selecting a
development methodology that suits their software requirements and reduces the
development effort of building self-adaptive software systems. This study
highlights the major drawbacks of the propped model-driven approaches in the
related works, and emphasise on considering the volatile aspects of
self-adaptive software in the analysis, design and implementation phases of the
development methodologies. In addition, we argue that the development
methodologies should leave the selection of modelling languages and modelling
tools to the software developers.Comment: model-driven architecture, COP, AOP, component composition,
self-adaptive application, context oriented software developmen
PLACES'10: The 3rd Workshop on Programmng Language Approaches to concurrency and Communication-Centric Software
Paphos, Cyprus. March 201
UML-SOA-Sec and Saleem's MDS Services Composition Framework for Secure Business Process Modelling of Services Oriented Applications
In Service Oriented Architecture (SOA) environment, a software application is a
composition of services, which are scattered across enterprises and architectures.
Security plays a vital role during the design, development and operation of SOA
applications. However, analysis of today's software development approaches reveals
that the engineering of security into the system design is often neglected. Security is
incorporated in an ad-hoc manner or integrated during the applications development
phase or administration phase or out sourced. SOA security is cross-domain and all of
the required information is not available at downstream phases. The post-hoc, low-level
integration of security has a negative impact on the resulting SOA applications. General
purpose modeling languages like Unified Modeling Language (UML) are used for
designing the software system; however, these languages lack the knowledge of the
specific domain and "security" is one of the essential domains. A Domain Specific
Language (DSL), named the "UML-SOA-Sec" is proposed to facilitate the modeling of
security objectives along the business process modeling of SOA applications.
Furthermore, Saleem's MDS (Model Driven Security) services composition framework
is proposed for the development of a secure web service composition
FLACOSā08 Workshop proceedings
The 2nd Workshop on Formal Languages and Analysis of Contract-Oriented Software (FLACOSā08) is held in Malta. The aim of the workshop is to bring together researchers and practitioners working on language-based solutions to contract-oriented software development. The workshop is partially funded by the Nordunet3 project āCOSoDISā (Contract-Oriented Software Development for Internet Services) and it attracted 25 participants. The program consists of 4 regular papers and 10 invited participant presentations
Security-Driven Software Evolution Using A Model Driven Approach
High security level must be guaranteed in applications in order to mitigate risks during the deployment of information systems in open network environments. However, a significant number of legacy systems remain in use which poses security risks to the enterpriseā assets due to the poor technologies used and lack of security concerns when they were in design. Software reengineering is a way out to improve their security levels in a systematic way. Model driven is an approach in which model as defined by its type directs the execution of the process. The aim of this research is to explore how model driven approach can facilitate the software reengineering driven by security demand. The research in this thesis involves the following three phases.
Firstly, legacy system understanding is performed using reverse engineering techniques. Task of this phase is to reverse engineer legacy system into UML models, partition the legacy system into subsystems with the help of model slicing technique and detect existing security mechanisms to determine whether or not the provided security in the legacy system satisfies the userās security objectives.
Secondly, security requirements are elicited using risk analysis method. It is the process of analysing key aspects of the legacy systems in terms of security. A new risk assessment method, taking consideration of asset, threat and vulnerability, is proposed and used to elicit the security requirements which will generate the detailed security requirements in the specific format to direct the subsequent security enhancement.
Finally, security enhancement for the system is performed using the proposed ontology based security pattern approach. It is the stage that security patterns derived from security expertise and fulfilling the elicited security requirements are selected and integrated in the legacy system models with the help of the proposed security ontology.
The proposed approach is evaluated by the selected case study. Based on the analysis, conclusions are drawn and future research is discussed at the end of this thesis. The results show this thesis contributes an effective, reusable and suitable evolution approach for software security
Combining behavioural types with security analysis
Today's software systems are highly distributed and interconnected, and they
increasingly rely on communication to achieve their goals; due to their
societal importance, security and trustworthiness are crucial aspects for the
correctness of these systems. Behavioural types, which extend data types by
describing also the structured behaviour of programs, are a widely studied
approach to the enforcement of correctness properties in communicating systems.
This paper offers a unified overview of proposals based on behavioural types
which are aimed at the analysis of security properties
- ā¦