Full life cycle support for security concerns minutes topics Wouter Joosen.


AOSD and Full Life Cycle Support …general…

What is the state-of-the-art in AOSD in general (in terms of full life cycle support)?
– What is an aspect? (from the AORE workshop)
– Typical for security
   Novel and hard to capture requirements (anonymity, privacy …)
   Requirements state what is expected behavior, but also and extensively, what is not…
   Close coupling between security and application logic (authorization)…

What can be applied to security?...

Security and full life cycle support: architecture and design level

What is the value of UML extensions for security? (Design for security)
– Is UML helpful for security? How about protocols? …work of Siobhan Clarke et al.
– Look at UML for AOSD… …work of Siobhan Clarke et al.

Security architecture – how does it relate to the overall software architecture?
– Embeds a tremendous amount of knowledge…
– But lack of clear notation/meaning

Opportunity:
– Disentangle and document security solutions…

Security and full life cycle support: implementation level

NOT COVERED…

Components versus code (programming) level?
Role of deployment descriptors in a component framework?
Role of middleware?

Adoption…

Which security standards are relevant for this discussion?

Adoption by serious users.
– Why take the risk?
– Organizational barriers: … expert is not necessarily motivated…

What is the status? Maybe we are at a beachhead…