173,909 research outputs found

    Integrating security policy design in the software design

    Get PDF
    Security is an integral part of most distributed modern software systems, but is still not considered as an explicit part in the development process. Security mechanisms and policies are generally added to existing systems as an afterthought, with all the problems of unsatisfied security requirements, integration difficulties and mismatches between running system and the design models. We propose to integrate the design of application-oriented access control policies early into the system’s development process. The standard language for modeling the design of systems the Unified Modeling Language (UML), is used to specify access control policies. Within the integration we will develop extensions of the UML model support the automatic generation and verification of a access control policy to configure a distributed component- based for view-based access control

    Proposing a secure component-based-application logic and system’s integration testing approach

    Get PDF
    Software engineering moved from traditional methods of software enterprise applications to com-ponent based development for distributed system’s applications. This new era has grown up forlast few years, with component-based methods, for design and rapid development of systems, butfact is that , deployment of all secure software features of technology into practical e-commercedistributed systems are higher rated target for intruders. Although most of research has been con-ducted on web application services that use a large share of the present software, but on the otherside Component Based Software in the middle tier ,which rapidly develops application logic, alsoopen security breaching opportunities .This research paper focus on a burning issue for researchersand scientists ,a weakest link in component based distributed system, logical attacks, that cannotbe detected with any intrusion detection system within the middle tier e-commerce distributed ap-plications. We proposed An Approach of Secure Designing application logic for distributed system,while dealing with logically vulnerability issue

    Advanced Cyberinfrastructure for Science, Engineering, and Public Policy

    Full text link
    Progress in many domains increasingly benefits from our ability to view the systems through a computational lens, i.e., using computational abstractions of the domains; and our ability to acquire, share, integrate, and analyze disparate types of data. These advances would not be possible without the advanced data and computational cyberinfrastructure and tools for data capture, integration, analysis, modeling, and simulation. However, despite, and perhaps because of, advances in "big data" technologies for data acquisition, management and analytics, the other largely manual, and labor-intensive aspects of the decision making process, e.g., formulating questions, designing studies, organizing, curating, connecting, correlating and integrating crossdomain data, drawing inferences and interpreting results, have become the rate-limiting steps to progress. Advancing the capability and capacity for evidence-based improvements in science, engineering, and public policy requires support for (1) computational abstractions of the relevant domains coupled with computational methods and tools for their analysis, synthesis, simulation, visualization, sharing, and integration; (2) cognitive tools that leverage and extend the reach of human intellect, and partner with humans on all aspects of the activity; (3) nimble and trustworthy data cyber-infrastructures that connect, manage a variety of instruments, multiple interrelated data types and associated metadata, data representations, processes, protocols and workflows; and enforce applicable security and data access and use policies; and (4) organizational and social structures and processes for collaborative and coordinated activity across disciplinary and institutional boundaries.Comment: A Computing Community Consortium (CCC) white paper, 9 pages. arXiv admin note: text overlap with arXiv:1604.0200

    A Socio-technical Analysis of Interdependent Infrastructures among the Built Environment, Energy, and Transportation Systems at the Navy Yard and the Philadelphia Metropolitan Region, USA

    Get PDF
    This paper reports on a research initiative that explores the interdependencies of the system of systems — the built environment, energy, and transportation — related to the redevelopment of The Navy Yard in Philadelphia and the Philadelphia Metropolitan Region. The overarching goal of the project is a clearer understanding of the dynamics of multi-scale interactions and interdependencies of systems of sociotechnical systems that will be useful to system practitioners. The understanding and the subsequent planning and design of sociotechnical systems are “wicked” problems and one characteristic is there is no definitive formulation. One of the main findings or lessons learned of the work reported for the understanding of interdependencies of infrastructure is the identification of what are the problems or challenges because for wicked problems “[t]he formulation of the problem is the problem!” We find that systems practitioners have an overarching concern of a fragmented regional policy and decision making process. Four main themes of 1. Vulnerability of aging infrastructure, 2. Integration of emerging technology into existing infrastructure, 3. Lifestyle and value changes, and 4. Financial innovations were identified as challenges. Continuing research work explores three possible infrastructure projects for further study as well as the development of a high-level systems of systems model. The principle outcome is the initiation of a planning process so that the system practitioners will learn to better understand the connections among related sociotechnical systems and the constellation of problems they face not within their immediate scope of responsibility yet influences the operations of their systems

    Planning and Design Soa Architecture Blueprint

    Full text link
    Service Oriented Architecture (SOA) is a framework for integrating business processes and supporting IT infrastructure as secure, standardized components-services-that can be reused and combined to address changing business priorities. Services are the building blocks of SOA and new applications can be constructed through consuming these services and orchestrating services within a business process. In SOA, services map to the business functions that are identified during business process analysis. Upon a successful implementation of SOA, the enterprise gain benefit by reducing development time, utilizing flexible and responsive application structure, and following dynamic connectivity of application logics between business partners. This paper presents SOA reference architecture blueprint as the building blocks of SOA which is services, service components and flows that together support enterprise business processes and the business goals

    Business integration models in the context of web services.

    Get PDF
    E-commerce development and applications have been bringing the Internet to business and marketing and reforming our current business styles and processes. The rapid development of the Web, in particular, the introduction of the semantic web and web service technologies, enables business processes, modeling and management to enter an entirely new stage. Traditional web based business data and transactions can now be analyzed, extracted and modeled to discover new business rules and to form new business strategies, let alone mining the business data in order to classify customers or products. In this paper, we investigate and analyze the business integration models in the context of web services using a micro-payment system because a micro-payment system is considered to be a service intensive activity, where many payment tasks involve different forms of services, such as payment method selection for buyers, security support software, product price comparison, etc. We will use the micro-payment case to discuss and illustrate how the web services approaches support and transform the business process and integration model.
    • …
    corecore