388,958 research outputs found
Aspect-oriented security hardening of UML design models
© Springer International Publishing Switzerland 2015. This book comprehensively presents a novel approach to the systematic security hardening of software design models expressed in the standard UML language. It combines model-driven engineering and the aspect-oriented paradigm to integrate security practices into the early phases of the software development process. To this end, a UML profile has been developed for the specification of security hardening aspects on UML diagrams. In addition, a weaving framework, with the underlying theoretical foundations, has been designed for the systematic injection of security aspects into UML models. The work is organized as follows: chapter 1 presents an introduction to software security, model-driven engineering, UML and aspect-oriented technologies. Chapters 2 and 3 provide an overview of UML language and the main concepts of aspect-oriented modeling (AOM) respectively. Chapter 4 explores the area of model-driven architecture with a focus on model transformations. The main approaches that are adopted in the literature for security specification and hardening are presented in chapter 5. After these more general presentations, chapter 6 introduces the AOM profile for security aspects specification. Afterwards, chapter 7 details the design and the implementation of the security weaving framework, including several real-life case studies to illustrate its applicability. Chapter 8 elaborates an operational semantics for the matching/weaving processes in activity diagrams, while chapters 9 and 10 present a denotational semantics for aspect matching and weaving in executable models following a continuation-passing style. Finally, a summary and evaluation of the work presented are provided in chapter 11. The book will benefit researchers in academia and industry as well as students interested in learning about recent research advances in the field of software security engineering
Generating domain specific aspect code for navigation from platform specific models in MWACSL
MWACSL1 is an Aspect-Oriented and Model-Driven approach for software
development in the context of web applications. MWACSL uses domain specific
aspect languages for dealing with the different aspects of a system. In this context
one application is composed of a primary model and a set of aspect models, each one
expressed by means of a Domain Specific Aspect Language. Furthermore, MWACSL
is also based on Model-Driven Architecture as a way of separating the technological
details. If we look at the horizontal dimension of MWACSL, this paper is focused on
the platform specific level, while looking at the vertical dimension, the focus is on
the navigational aspect. The specific platform is Spring Web Flow, a framework that
has been thought for defining navigation flows. The main contributions of the paper
are the definition of a metamodel for Spring Web Flow and a set of model to text
transformations to generate web flows. These contributions can be considered as part
of the MWACSL approach.Ministerio de Ciencia y TecnologĂa TIN2007-64119Ministerio de Ciencia y TecnologĂa TIN-2007-67843-C06-0
Norms, organisations and semantic web services: The ALIVE approach
ALIVE is an EU FP7 STREP whose goal is the
convergence of organisational and normative modelling with and service-oriented architectures (SOAs) using model-driven
software engineering. The project provides a framework for designing and implementing systems, taking into account organisational,
coordination and service perspectives. A key project aspect is the integration of normative systems with live SOAs, through the distributed monitoring of normative state. Here we give a brief overview of the project, explore of the domain from a service context, outline the architecture under construction and sketch the use-cases that illustrate and inform the project.Peer ReviewedPostprint (published version
Early aspects: aspect-oriented requirements engineering and architecture design
This paper reports on the third Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design Workshop, which has been held in Lancaster, UK, on March 21, 2004. The workshop included a presentation session and working sessions in which the particular topics on early aspects were discussed. The primary goal of the workshop was to focus on challenges to defining methodical software development processes for aspects from early on in the software life cycle and explore the potential of proposed methods and techniques to scale up to industrial applications
Quality-aware model-driven service engineering
Service engineering and service-oriented architecture as an integration and platform technology is a recent approach to software systems integration. Quality aspects
ranging from interoperability to maintainability to performance are of central importance for the integration of heterogeneous, distributed service-based systems. Architecture models can substantially influence quality attributes of the implemented software systems. Besides the benefits of explicit architectures on maintainability and reuse, architectural constraints such as styles, reference architectures and architectural patterns can influence observable software properties such as performance. Empirical performance evaluation is a process of measuring and evaluating the performance of implemented software. We present an approach for addressing the quality of services and service-based systems at the model-level in the context of model-driven service engineering. The focus on architecture-level models is a consequence of the black-box
character of services
An ontology of agile aspect oriented software development
Both agile methods and aspect oriented programming (AOP) have emerged in recent years as new paradigms in software development. Both promise to free the process of building software systems from some of the constraints of more traditional approaches. As a software engineering approach on the one hand, and a software development tool on the other, there is the potential for them to be used in conjunction. However, thus far, there has been little interplay between the two. Nevertheless, there is some evidence that there may be untapped synergies that may be exploited, if the appropriate approach is taken to integrating AOP with agile methods. This paper takes an ontological approach to supporting this integration, proposing ontology enabled development based on an analysis of existing ontologies of aspect oriented programming, a proposed ontology of agile methods, and a derived ontology of agile aspect oriented development
Incorporating Security Behaviour into Business Models Using a Model Driven Approach
There has, in recent years, been growing interest in Model Driven Engineering (MDE), in which models are the primary design artifacts and transformations are applied to these models to generate refinements leading to usable implementations over specific platforms. There is also interest in factoring out a number of non-functional aspects, such as security, to provide reusable solutions applicable to a number of different applications. This paper brings these two approaches together, investigating, in particular, the way behaviour from the different sources can be combined and integrated into a single design model. Doing so involves transformations that weave together the constraints from the various aspects and are, as a result, more complex to specify than the linear pipelines of transformations used in most MDE work to date. The approach taken here involves using an aspect model as a template for refining particular patterns in the business model, and the transformations are expressed as graph rewriting rules for both static and behaviour elements of the models
Ontology-based patterns for the integration of business processes and enterprise application architectures
Increasingly, enterprises are using Service-Oriented Architecture (SOA) as an approach to Enterprise Application Integration (EAI). SOA has the potential to bridge
the gap between business and technology and to improve the reuse of existing applications and the interoperability with new ones. In addition to service architecture
descriptions, architecture abstractions like patterns and styles capture design knowledge and allow the reuse of successfully applied designs, thus improving the quality of
software. Knowledge gained from integration projects can be captured to build a repository of semantically enriched, experience-based solutions. Business patterns identify the interaction and structure between users, business processes, and data.
Specific integration and composition patterns at a more technical level address enterprise application integration and capture reliable architecture solutions. We use an
ontology-based approach to capture architecture and process patterns. Ontology techniques for pattern definition, extension and composition are developed and their
applicability in business process-driven application integration is demonstrated
A Framework for Evaluating Model-Driven Self-adaptive Software Systems
In the last few years, Model Driven Development (MDD), Component-based
Software Development (CBSD), and context-oriented software have become
interesting alternatives for the design and construction of self-adaptive
software systems. In general, the ultimate goal of these technologies is to be
able to reduce development costs and effort, while improving the modularity,
flexibility, adaptability, and reliability of software systems. An analysis of
these technologies shows them all to include the principle of the separation of
concerns, and their further integration is a key factor to obtaining
high-quality and self-adaptable software systems. Each technology identifies
different concerns and deals with them separately in order to specify the
design of the self-adaptive applications, and, at the same time, support
software with adaptability and context-awareness. This research studies the
development methodologies that employ the principles of model-driven
development in building self-adaptive software systems. To this aim, this
article proposes an evaluation framework for analysing and evaluating the
features of model-driven approaches and their ability to support software with
self-adaptability and dependability in highly dynamic contextual environment.
Such evaluation framework can facilitate the software developers on selecting a
development methodology that suits their software requirements and reduces the
development effort of building self-adaptive software systems. This study
highlights the major drawbacks of the propped model-driven approaches in the
related works, and emphasise on considering the volatile aspects of
self-adaptive software in the analysis, design and implementation phases of the
development methodologies. In addition, we argue that the development
methodologies should leave the selection of modelling languages and modelling
tools to the software developers.Comment: model-driven architecture, COP, AOP, component composition,
self-adaptive application, context oriented software developmen
Aspect-Oriented Programming
Aspect-oriented programming is a promising idea that can improve the quality of software by reduce the problem of code tangling and improving the separation of concerns. At ECOOP'97, the first AOP workshop brought together a number of researchers interested in aspect-orientation. At ECOOP'98, during the second AOP workshop the participants reported on progress in some research topics and raised more issues that were further discussed. \ud
\ud
This year, the ideas and concepts of AOP have been spread and adopted more widely, and, accordingly, the workshop received many submissions covering areas from design and application of aspects to design and implementation of aspect languages
- âŠ