Today, information sharing is critical to almost every institution. There is no more critical need for information sharing than during an international crisis, when international coalitions dynamically form. In the event of a crisis, whether it is humanitarian relief, natural disaster, combat operations, or terrorist incidents, international coalitions have an immediate need for information. These coalitions are formed with international cooperation, where each participating country offers whatever resources it can muster to support the given crisis. These situations can occur suddenly, simultaneously, and without warning. Often times, participants are coalition partners in one crisis and adversaries in another, raising difficult security issues with respect to information sharing. Our specific interest is in the Dynamic Coalition Problem (DCP), with an emphasis on the information sharing and security risks when coalitions are formed in response to a crisis. This paper defines the DCP and explores its intricate, challenging, and complex information and resource sharing, and security issues, utilizing real-world situations, which are drawn from a military domain.
Security must be a first class citizen in the design of large scale, interacting, software applications, at early and all stages of the lifecycle, for accurate and precise policy definition, authorization, authentication, enforcement, and assurance. One of the dominant players in software design is the unified modeling language, UML, a language for specifying, visualizing, constructing and documenting software artifacts. In UML, diagrams provide alternate perspectives for different stakeholders, e.g.: use case diagrams for the interaction of users with system components, class diagrams for the static classes and relationships among them, and sequence diagrams for the dynamic behavior of instances of the class diagram. However, UML's support for the definition of security requirements for these diagrams and their constituent elements (e.g., actors, systems, use cases, classes, instances, include/extend/generalize relationships, methods, data, etc.) is lacking. In this paper, we address this issue by incorporating mandatory access control (MAC) into use case, class, and sequence diagrams, providing support for the definition of clearances and classifications for relevant UML elements. In addition, we provide a framework for security assurance as users are defining and evolving use case, class, and sequence diagrams, bridging the gap between software engineers and an organization's security personnel in support of secure software design. To demonstrate the feasibility and utility of our work on secure software design, our MAC enhancements for UML have been integrated into Borland's Together Control Center Environment.
ABSTUCT This paper presents a framework which analyzes and measures the reusability of object-oriented (00)designs. Our approach relies on reuse-specific subjective characterizations of packages and hierarchical libraries, and on a set of metrics that objectively measures the dependencies among packages based on those characterizations. We have developed a prototype tool which can parse Ada 95 applications, measure their reuse potential according to our framework, and automatically advise software designers/developers on the ways to improve their products' reusability. We intend to incorporate this tool into a design/development environment to promote an iterative process that evolves design/code to a more reusable state.
In this paper, we present a technique to analyze and measure the reusability of object-oriented (00) designs. The metrics can be incorporated into a design/development environment, so that reusability measurements, analysis, and improvements can be part of Ubusiness as usual" for an organization. Design reusability measurements also enable early identification of poor reuse potential, when it is still possible to modify/refine the design. The essential components of our approach are two reuse-specific characterizations of classes and hierarchies, and a set of metrics which objectively measures the dependencies among design components based on those reuse-specific characterizations.
In software construction, analysis investigates system requirements and design captures system functionality. To facilitate analysis and design, one popular technique is the unified modeling language, UML. In UML, there are use-case diagrams for the interaction of users with system components, class diagrams for the static classes and relations among them, and sequence diagrams for the dynamic behavior of objects. However, analyzing and designing security requirements in UML is not directly supported. In this chapter, we incorporate role-based access control (RBAC) and mandatory access control (MAC) into UML use-case and class diagrams. In addition, we provide analysis across the UML diagrams, as actors, use cases and classes are defined, to support a degree of security assurance (with mutual exclusion), thereby realizing secure software design in UML. We briefly report on our RBAC/MAC enhancements into Borland's UML tool Together Control Center.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.