173,910 research outputs found
Integrating security policy design in the software design
Security is an integral part of most distributed modern software systems, but
is still not considered as an explicit part in the development process.
Security mechanisms and policies are generally added to existing systems as an
afterthought, with all the problems of unsatisfied security requirements,
integration difficulties and mismatches between running system and the design
models. We propose to integrate the design of application-oriented access
control policies early into the system’s development process. The standard
language for modeling the design of systems the Unified Modeling Language
(UML), is used to specify access control policies. Within the integration we
will develop extensions of the UML model support the automatic generation and
verification of a access control policy to configure a distributed component-
based for view-based access control
Proposing a secure component-based-application logic and system’s integration testing approach
Software engineering moved from traditional methods of software enterprise applications to com-ponent based development for distributed system’s applications. This new era has grown up forlast few years, with component-based methods, for design and rapid development of systems, butfact is that , deployment of all secure software features of technology into practical e-commercedistributed systems are higher rated target for intruders. Although most of research has been con-ducted on web application services that use a large share of the present software, but on the otherside Component Based Software in the middle tier ,which rapidly develops application logic, alsoopen security breaching opportunities .This research paper focus on a burning issue for researchersand scientists ,a weakest link in component based distributed system, logical attacks, that cannotbe detected with any intrusion detection system within the middle tier e-commerce distributed ap-plications. We proposed An Approach of Secure Designing application logic for distributed system,while dealing with logically vulnerability issue
Recommended from our members
The structure of global economic integration and conflict
Empirical examinations have reached a number of conclusions regarding the relationship between global economic integration and interstate conflict. Most studies find that increased economic relations dampen the likelihood of interstate violence. Yet these studies have focused largely on bilateral trade measures and domestic-level causal mechanisms. In this paper I take the discussion to the structural level and construct systemic variables for global economic openness and concentration. I then test the relationships among these variables and international conflict using an autoregressive model and event count regression methods. The outcomes suggest that high levels of hegemonic protection and global economic concentration are associated with low levels of systemic violence, a finding that runs counter to much of the existing empirical and theoretical literature surrounding the international market and conflict.Governmen
Advanced Cyberinfrastructure for Science, Engineering, and Public Policy
Progress in many domains increasingly benefits from our ability to view the
systems through a computational lens, i.e., using computational abstractions of
the domains; and our ability to acquire, share, integrate, and analyze
disparate types of data. These advances would not be possible without the
advanced data and computational cyberinfrastructure and tools for data capture,
integration, analysis, modeling, and simulation. However, despite, and perhaps
because of, advances in "big data" technologies for data acquisition,
management and analytics, the other largely manual, and labor-intensive aspects
of the decision making process, e.g., formulating questions, designing studies,
organizing, curating, connecting, correlating and integrating crossdomain data,
drawing inferences and interpreting results, have become the rate-limiting
steps to progress. Advancing the capability and capacity for evidence-based
improvements in science, engineering, and public policy requires support for
(1) computational abstractions of the relevant domains coupled with
computational methods and tools for their analysis, synthesis, simulation,
visualization, sharing, and integration; (2) cognitive tools that leverage and
extend the reach of human intellect, and partner with humans on all aspects of
the activity; (3) nimble and trustworthy data cyber-infrastructures that
connect, manage a variety of instruments, multiple interrelated data types and
associated metadata, data representations, processes, protocols and workflows;
and enforce applicable security and data access and use policies; and (4)
organizational and social structures and processes for collaborative and
coordinated activity across disciplinary and institutional boundaries.Comment: A Computing Community Consortium (CCC) white paper, 9 pages. arXiv
admin note: text overlap with arXiv:1604.0200
Recommended from our members
An Assessment of PIER Electric Grid Research 2003-2014 White Paper
This white paper describes the circumstances in California around the turn of the 21st century that led the California Energy Commission (CEC) to direct additional Public Interest Energy Research funds to address critical electric grid issues, especially those arising from integrating high penetrations of variable renewable generation with the electric grid. It contains an assessment of the beneficial science and technology advances of the resultant portfolio of electric grid research projects administered under the direction of the CEC by a competitively selected contractor, the University of California’s California Institute for Energy and the Environment, from 2003-2014
A Socio-technical Analysis of Interdependent Infrastructures among the Built Environment, Energy, and Transportation Systems at the Navy Yard and the Philadelphia Metropolitan Region, USA
This paper reports on a research initiative that explores the interdependencies of the system of systems — the built
environment, energy, and transportation — related to the redevelopment of The Navy Yard in Philadelphia and the
Philadelphia Metropolitan Region. The overarching goal of the project is a clearer understanding of the dynamics of
multi-scale interactions and interdependencies of systems of sociotechnical systems that will be useful to system
practitioners. The understanding and the subsequent planning and design of sociotechnical systems are “wicked”
problems and one characteristic is there is no definitive formulation. One of the main findings or lessons learned of
the work reported for the understanding of interdependencies of infrastructure is the identification of what are the
problems or challenges because for wicked problems “[t]he formulation of the problem is the problem!”
We find that systems practitioners have an overarching concern of a fragmented regional policy and decision making
process. Four main themes of 1. Vulnerability of aging infrastructure, 2. Integration of emerging technology into
existing infrastructure, 3. Lifestyle and value changes, and 4. Financial innovations were identified as challenges.
Continuing research work explores three possible infrastructure projects for further study as well as the development
of a high-level systems of systems model. The principle outcome is the initiation of a planning process so that the
system practitioners will learn to better understand the connections among related sociotechnical systems and the
constellation of problems they face not within their immediate scope of responsibility yet influences the operations of
their systems
Planning and Design Soa Architecture Blueprint
Service Oriented Architecture (SOA) is a framework for integrating business processes and supporting IT infrastructure as secure, standardized components-services-that can be reused and combined to address changing business priorities. Services are the building blocks of SOA and new applications can be constructed through consuming these services and orchestrating services within a business process. In SOA, services map to the business functions that are identified during business process analysis. Upon a successful implementation of SOA, the enterprise gain benefit by reducing development time, utilizing flexible and responsive application structure, and following dynamic connectivity of application logics between business partners. This paper presents SOA reference architecture blueprint as the building blocks of SOA which is services, service components and flows that together support enterprise business processes and the business goals
Business integration models in the context of web services.
E-commerce development and applications have
been bringing the Internet to business and marketing
and reforming our current business styles and
processes. The rapid development of the Web, in
particular, the introduction of the semantic web and
web service technologies, enables business
processes, modeling and management to enter an
entirely new stage. Traditional web based business
data and transactions can now be analyzed,
extracted and modeled to discover new business
rules and to form new business strategies, let alone
mining the business data in order to classify
customers or products. In this paper, we investigate
and analyze the business integration models in the
context of web services using a micro-payment
system because a micro-payment system is
considered to be a service intensive activity, where
many payment tasks involve different forms of
services, such as payment method selection for
buyers, security support software, product price
comparison, etc. We will use the micro-payment case
to discuss and illustrate how the web services
approaches support and transform the business
process and integration model.
- …