Security in a Distributed Processing Environment

Distribution plays a key role in telecommunication and computing systems today. It has become a necessity as a result of deregulation and anti-trust legislation, which has forced businesses to move from centralised, monolithic systems to distributed systems with the separation of applications and provisioning technologies, such as the service and transportation layers in the Internet. The need for reliability and recovery requires systems to use replication and secondary backup systems such as those used in ecommerce. There are consequences to distribution. It results in systems being implemented in heterogeneous environment; it requires systems to be scalable; it results in some loss of control and so this contributes to the increased security issues that result from distribution. Each of these issues has to be dealt with. A distributed processing environment (DPE) is middleware that allows heterogeneous environments to operate in a homogeneous manner. Scalability can be addressed by using object-oriented technology to distribute functionality. Security is more difficult to address because it requires the creation of a distributed trusted environment. The problem with security in a DPE currently is that it is treated as an adjunct service, i.e. and after-thought that is the last thing added to the system. As a result, it is not pervasive and therefore is unable to fully support the other DPE services. DPE security needs to provide the five basic security services, authentication, access control, integrity, confidentiality and non-repudiation, in a distributed environment, while ensuring simple and usable administration. The research, detailed in this thesis, starts by highlighting the inadequacies of the existing DPE and its services. It argues that a new management structure was introduced that provides greater flexibility and configurability, while promoting mechanism and service independence. A new secure interoperability framework was introduced which provides the ability to negotiate common mechanism and service level configurations. New facilities were added to the non-repudiation and audit services. The research has shown that all services should be security-aware, and therefore would able to interact with the Enhanced Security Service in order to provide a more secure environment within a DPE. As a proof of concept, the Trader service was selected. Its security limitations were examined, new security behaviour policies proposed and it was then implemented as a Security-aware Trader, which could counteract the existing security limitations.IONA TECHNOLOGIES PLC & ORANG

PABRE: Pattern-Based Requirements Elicitation

This paper presents our PABRE method for facilitating Requirements Elicitation on the basis of Requirement Patterns with the goal of saving time and reducing errors during this activity. The process presented applies for elicitation in Off-The-Shelf selection projects driven by call for tenders processes and uses a Requirement Patterns Catalogue. The process selects patterns from the catalogue that apply to the particular selection project, and convert them into the real requirements that finally configure the project Requirements Book. We show some benefits of the pattern approach for requirements engineers and IT consultants, as well as for customers. Finally we discuss the strengths and weaknesses of the proposal and identify some future work.Peer ReviewedPostprint (published version

A pattern-based method for building requirements documents in call-for-tender processes

This paper presents our PABRE method for facilitating Requirements Elicitation on the basis of Requirement Patterns with the goal of saving time and reducing errors during this activity. The process presented applies for elicitation in Off-The-Shelf selection projects driven by call-for-tender processes and uses a Requirement Patterns Catalogue. The process selects patterns from the catalogue that apply to the particular selection project, and convert them into the real requirements that finally configure the project Requirements Document. We show some benefits of the pattern approach for requirements engineers and IT consultants, as well as for customers. Finally we discuss the strengths and weaknesses of the proposal and identify some future work.Postprint (published version