189,373 research outputs found
An aspect-oriented approach to relating security requirements and access control
Affecting multiple parts in software systems, security requirements often tangle with functional requirements. In order to separate crosscutting concerns and increase modularity, we propose to represent security requirements as aspects that can be woven into functional requirements. Using problem frames to model the functional requirements, weaving is achieved by composing the modules representing security aspects with the requirement models. Moreover, we provide guidance on how such security aspects are structured to implement a particular access control solution. As a result, such security aspects become reusable solution patterns to refine the structure of security-related problem
Security Issues in a SOA-based Provenance System
Recent work has begun exploring the characterization and utilization of provenance in systems based on the Service Oriented Architecture (such as Web Services and Grid based environments). One of the salient issues related to provenance use within any given system is its security. Provenance presents some unique security requirements of its own, which are additionally dependent on the architectural and environmental context that a provenance system operates in. We discuss the security considerations pertaining to a Service Oriented Architecture based provenance system. Concurrently, we outline possible approaches to address them
Adaptive development and maintenance of user-centric software systems
A software system cannot be developed without considering the various facets of its environment. Stakeholders – including the users that play a central role – have their needs, expectations, and perceptions of a system. Organisational and technical aspects of the environment are constantly changing. The ability to adapt a software system and its requirements to its environment throughout its
full lifecycle is of paramount importance in a constantly changing environment. The continuous involvement of users is as important as the constant evaluation of the system and the observation of evolving environments. We present a methodology for adaptive software systems development and
maintenance. We draw upon a diverse range of accepted methods including participatory design, software architecture, and evolutionary design. Our focus is on user-centred software systems
Tool support for security-oriented virtual research collaborations
Collaboration is at the heart of e-Science and e-Research
more generally. Successful collaborations must address both
the needs of the end user researchers and the providers
that make resources available. Usability and security are
two fundamental requirements that are demanded by many
collaborations and both concerns must be considered from
both the researcher and resource provider perspective. In
this paper we outline tools and methods developed at the
National e-Science Centre (NeSC) that provide users with
seamless, secure access to distributed resources through
security-oriented research environments, whilst also allowing resource providers to define and enforce their own local access and usage policies through intuitive user interfaces. We describe these tools and illustrate their application in the ESRC-funded Data Management through e-Social Science (DAMES) and the JISC-funded SeeGEO projects
Towards a re-engineering method for web services architectures
Recent developments in Web technologies – in particular
through the Web services framework – have greatly enhanced the flexible and interoperable implementation of service-oriented software architectures. Many older Web-based and other distributed software systems will be re-engineered to a Web services-oriented platform. Using an advanced
e-learning system as our case study, we investigate central aspects of a re-engineering approach for the Web services platform. Since our aim is to provide components of the legacy system also as services in the new platform, re-engineering to suit the new development paradigm is as important as re-engineering to suit the new architectural requirements
Early aspects: aspect-oriented requirements engineering and architecture design
This paper reports on the third Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design Workshop, which has been held in Lancaster, UK, on March 21, 2004. The workshop included a presentation session and working sessions in which the particular topics on early aspects were discussed. The primary goal of the workshop was to focus on challenges to defining methodical software development processes for aspects from early on in the software life cycle and explore the potential of proposed methods and techniques to scale up to industrial applications
End-to-End QoS Support for a Medical Grid Service Infrastructure
Quality of Service support is an important prerequisite for the adoption of Grid technologies for medical applications. The GEMSS Grid infrastructure addressed this issue by offering end-to-end QoS in the form of explicit timeliness guarantees for compute-intensive medical simulation services. Within GEMSS, parallel applications installed on clusters or other HPC hardware may be exposed as QoS-aware Grid services for which clients may dynamically negotiate QoS constraints with respect to response time and price using Service Level Agreements. The GEMSS infrastructure and middleware is based on standard Web services technology and relies on a reservation based approach to QoS coupled with application specific performance models. In this paper we present an overview of the GEMSS infrastructure, describe the available QoS and security mechanisms, and demonstrate the effectiveness of our methods with a Grid-enabled medical imaging service
Towards a virtual research environment for paediatric endocrinology across Europe
Paediatric endocrinology is a medical specialty dealing with variations of physical growth and sexual development in childhood. Genetic anomalies that can cause disorders of sexual development in children are rare. Given this, sharing and collaboration on the small number of cases that occur is needed by clinical experts in the field. The EU-funded EuroDSD project (www.eurodsd.eu) is one such collaboration involving clinical centres and clinical and genetic experts across Europe. Through the establishment of a virtual research environment (VRE) supporting sharing of data and a variety of clinical and bioinformatics analysis tools, EuroDSD aims to provide a research infrastructure for research into disorders of sex development. Security, ethics and information governance are at the heart of this infrastructure. This paper describes the infrastructure that is being built and the inherent challenges in security, availability and dependability that must be overcome for the enterprise to succeed
- …