
Conquering Complex and Changing Systems Object-Oriented Software Engineering TJSS: Defining access control, example Päivi Ovaska.


1 Conquering Complex and Changing Systems Object-Oriented Software Engineering TJSS: Defining access control, example Päivi Ovaska

2 Bernd Bruegge & Allen Dutoit, Object-Oriented Software Engineering: Conquering Complex and Changing Systems
Defining Access Control in MyTrip
• We model access by determining which objects are shared among actors, and by defining how actors can control access.
• Depending on the security requirements on the system, we also define how actors are authenticated to the system (i.e., how actors prove to the system who they are) and how selected data in the system should be encrypted.
• Storing maps and Trips for many drivers in the same database introduces security issues. We must ensure that Trips are sent only to the driver that created them (see security design goal).
• Add a new Driver class and associate it with the Trip class.
• The PlanningSubsystem becomes responsible for authenticating Drivers before sending Trips.
• The CommunicationSubsystem encrypts the communication traffic between the RoutingSubsystem and the PlanningSubsystem.

3 Revisions to the design model
CommunicationSubsystem: The CommunicationSubsystem is responsible for transporting Trips from the PlanningSubsystem to the RoutingSubsystem. The CommunicationSubsystem uses the Driver associated with the Trip being transported for selecting a key and encrypting the communication traffic.
PlanningSubsystem: The PlanningSubsystem is responsible for constructing a Trip connecting a sequence of Destinations. The PlanningSubsystem is also responsible for responding to replan requests from the RoutingSubsystem. Prior to processing any requests, the PlanningSubsystem authenticates the Driver from the RoutingSubsystem. The authenticated Driver is used to determine which Trips can be sent to the corresponding RoutingSubsystem.
Driver: A Driver represents an authenticated user. It is used by the CommunicationSubsystem to remember keys associated with a user and by the PlanningSubsystem to associate Trips with users.
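A sketch of the revised PlanningSubsystem, added here as an illustration and not taken from the slides or the book: it authenticates the Driver before every request and returns only the Trips associated with that Driver. Password-based authentication, the method names, the iteration count and the sample drivers are assumptions; key derivation uses Python's standard hashlib and hmac rather than a home-made scheme.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

ITERATIONS = 200_000  # illustrative PBKDF2 work factor (assumption, tune per deployment)

class AuthenticationError(Exception):
    """Raised when a Driver cannot prove who they are."""

@dataclass(frozen=True)
class Driver:          # represents an authenticated user
    name: str

@dataclass
class Trip:            # every Trip is associated with the Driver that created it
    owner: Driver
    destinations: list

class PlanningSubsystem:
    def __init__(self):
        self._credentials = {}   # driver name -> (salt, derived key)
        self._trips = []         # Trips of all drivers share one store

    @staticmethod
    def _derive(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

    def register(self, name, password):
        salt = os.urandom(16)
        self._credentials[name] = (salt, self._derive(password, salt))
        return Driver(name)

    def authenticate(self, name, password):
        # Unknown names still run the derivation, so both failures look alike.
        salt, expected = self._credentials.get(name, (b"\0" * 16, b""))
        if not hmac.compare_digest(self._derive(password, salt), expected):
            raise AuthenticationError("unknown driver or wrong password")
        return Driver(name)

    def plan_trip(self, driver, destinations):
        trip = Trip(driver, list(destinations))
        self._trips.append(trip)
        return trip

    def trips_for(self, name, password):
        # Authenticate first, then filter on ownership: a Driver never
        # receives a Trip that another Driver created.
        driver = self.authenticate(name, password)
        return [t for t in self._trips if t.owner == driver]

if __name__ == "__main__":
    planning = PlanningSubsystem()
    alice = planning.register("alice", "constructed-password-a")  # constructed sample
    planning.plan_trip(alice, ["Home", "Airport"])
    print(planning.trips_for("alice", "constructed-password-a"))
```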

4 Secure authentication
• For secure authentication and encryption you should always select one or more off-the-shelf algorithms or packages instead of designing your own. Many such packages are based on public standards that are widely reviewed by academia and industry, thus ensuring a relatively high level of reliability and security.
• We can use the Strategy pattern to encapsulate multiple implementations of the same encryption algorithm.

5 Description of the Strategy pattern
• The IDEA abstract class defines the generic interface that all implementations of the encapsulated algorithm should have.
• IDEA_Vendor_A and IDEA_Vendor_B provide implementations of the algorithm.
• A Message class is responsible for managing the data structure on which the IDEA algorithm operates.

