Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS 5150 Software Engineering Lecture 17 Program Design 4/ Security & Privacy.

Published byCrystal Jefferson Modified over 8 years ago

Similar presentations

Presentation on theme: "CS 5150 Software Engineering Lecture 17 Program Design 4/ Security & Privacy."— Presentation transcript:

1 CS 5150 Software Engineering Lecture 17 Program Design 4/ Security & Privacy

2 CS 5150 2 Administrivia Quiz 2... waiting for a few students to take it

3 CS 5150 3 SE in the News Amazon Web Services outage Apple’s patent invalidated because of prior art by... Apple

4 CS 5150 4 Software Reuse It is often good to design a program to reuse existing software. This can lead to better software at lower cost. Potential benefits of reuse Reduced development time and cost Improved reliability of mature components Shared maintenance cost Potential disadvantages of reuse Difficulty in finding appropriate components Components may be a poor fit for application Quality control and security may be unknown

5 CS 5150 5 Examples (1/2) System software device drivers file systems exception handling network protocols Subsystems database management systems firewalls web servers

6 CS 5150 6 Examples (2/2) Standard functions mathematical methods formatting User interface and application development toolkits (e.g. Motif graphics toolkit) class libraries, (e.g., Swing for Java) Web frameworks (e.g., Ruby on Rails)

7 CS 5150 7 Design for Reuse: Application Packages Application package Supports a standard application (e.g., payroll) Functionality can be enhanced by: Configuration parameters (e.g., table driven) Extensibility at defined interfaces Custom written source code

8 CS 5150 8 Reuse: Design for Replacement of Components The software design should anticipate possible changes in the system over its life-cycle. New vendor or new technology Components are replaced because its supplier goes out of business, ceases to provide adequate support, increases its price, etc., or because better software from another sources provides better functionality, support, pricing, etc. This can apply to either open-source or vendor-supplied components.

9 CS 5150 9 Reuse: Design for Replacement of Components New implementation The original implementation may be problematic, e.g., poor performance, inadequate back-up and recovery, difficult to trouble-shoot, or unable to support growth and new features added to the system. Example. The portal nsdl.org was originally implemented using uPortal. This did not support important extensions that were requested and proved awkward to maintain. It was reimplemented using PHP/MySQL.

10 CS 5150 10 Reuse: Design for Replacement of Components Additions to the requirements When a system goes into production, it is usual to reveal both weaknesses and opportunities for extra functionality and enhancement to the user interface design. For example, in a data-intensive system it is almost certain that there will be requests for extra reports and ways of viewing the data. Requests for enhancements are often the sign of a successful system. Clients recognize latent possibilities.

11 CS 5150 11 Reuse: Design for Replacement of Components Changes in the application domain Most application domains change continually, e.g., because of business opportunities, external changes (such as new laws), mergers and take-overs, new groups of users, etc., etc., It is rarely feasible to implement a completely new system when the application domain changes. Therefore existing systems must be modified. This may involve extensive restructuring, but it is important to reuse existing code as much as possible.

12 CS 5150 12 Reuse and Object Oriented Languages: Class Hierarchies Example: Java Java is a relatively straightforward language with a very rich set of class hierarchies. Java programs derive much of their functionality from standard classes Learning and understanding the classes is difficult. Experienced Java programmers can write complex systems quickly Inexperienced Java programmers write inelegant and buggy programs

13 CS 5150 13 Design for Reuse: Inheritance and Abstract Classes Classes can be defined in terms of other classes using inheritance. The generalization class is called the superclass (or base class) and the specialization is called the subclass (or derived class). If the inheritance relationship serves only to model shared attributes and operations, i.e., the generalization is not intended to be implemented, the class is called an abstract class

14 CS 5150 14 Design for Reuse: Specification Inheritance Specification Inheritance The classification of concepts into type hierarchies, so that an object from a specified class can be replaced by an object from one of its subclasses. In particular: Pre-conditions cannot be strengthened in a subclass. Post-conditions cannot be weakened in a subclass.

15 CS 5150 15 Design for Reuse: Specification Inheritance Liskov Substitution Principle (strict inheritance) If an object of type S can be substituted in all the places where an object of type T is expected, then S is a subtype of T. Interpretation The Liskov Substitution Principle means that if all classes are subtypes of their superclasses, all inheritance relationships are specification inheritance relationships. New subclasses of T can be added without modifying the methods of T. This leads to an extensible system.

16 CS 5150 16 Design for Reuse: Delegation Delegation A class is said to delegate to another class if it implements an operation by resending a message to another class Delegation is an alternative to inheritance that should be used when reuse is anticipated

17 CS 5150 17 Security, Privacy and Reliability Interrelated but distinct concepts Reliability Does the system behave as specified when users behave non-maliciously? Privacy Is the system designed to use personal data in a way that is consistent with user expectations? Security Does the system continue operating well when it is under attack?

18 CS 5150 18 Attack Model Rigorous security engineering must be based on an attack model Who is the expected attacker? Why are they interested in attacking the system? How do you expect them to attack the system? What are the consequences of a successful attack? In safety-critical systems, attack models should be part of the earliest phases of the project

19 CS 5150 19 Security Needs and Dangers Needs Secrecy:control of who gets to read information Integrity:control of how information changes or resources are used Availability:providing prompt access to information and resources Accountability:knowing who has had access to resources Dangers Damage to information integrity Disruption of service availability Theft of money integrity Theft of information secrecy Loss of privacy secrecy Butler W. Lampson, 2004

20 CS 5150 20 The Human Element People are intrinsically insecure: Careless (e.g., leave computers logged on, leave passwords where others can read them) Dishonest (e.g., stealing from financial systems) Malicious (e.g., denial of service attack) Many security problems come from inside the organization: In a large organization, there will be some disgruntled and dishonest employees Security relies on trusted individuals. What if they are dishonest ?

21 CS 5150 21 Design for Security: People Make it easy for responsible people to use the system (e.g., make security procedures simple) Make it hard for dishonest or careless people (e.g., password management) Train people in responsible behavior Test the security of the system thoroughly and repeatedly, particularly after changes Do not hide violations

22 CS 5150 22 Principle of Least Privilege... interpreted very broadly: Make sure the every component of your system only has the capabilities that it needs to do its job Easy to violate the PLP when reusing large pieces of software

Download ppt "CS 5150 Software Engineering Lecture 17 Program Design 4/ Security & Privacy."

Similar presentations

Department of Computer Engineering Faculty of Engineering, Prince of Songkla University 1 5 – Abstract Data Types.

Department of Computer Engineering Faculty of Engineering, Prince of Songkla University 1 5 – Abstract Data Types.
1 CS 501 Spring 2005 CS 501: Software Engineering Lecture 21 Reliability 3.

1 CS 501 Spring 2005 CS 501: Software Engineering Lecture 21 Reliability 3.
Chapter 2 – Software Processes

Chapter 2 – Software Processes
General OO Concepts and Principles CSE301 University of Sunderland Harry R. Erwin, PhD.

General OO Concepts and Principles CSE301 University of Sunderland Harry R. Erwin, PhD.
Solutions to Review Questions. 4.1 Define object, class and instance. The UML Glossary gives these definitions: Object: an instance of a class. Class:

Solutions to Review Questions. 4.1 Define object, class and instance. The UML Glossary gives these definitions: Object: an instance of a class. Class:
1 CS 501 Spring 2007 CS 501: Software Engineering Lecture 16 Object Oriented Design 2.

1 CS 501 Spring 2007 CS 501: Software Engineering Lecture 16 Object Oriented Design 2.
CS 501: Software Engineering Fall 2000 Lecture 16 System Architecture III Distributed Objects.

CS 501: Software Engineering Fall 2000 Lecture 16 System Architecture III Distributed Objects.
1 Software Testing and Quality Assurance Lecture 28 – Testing Class Hierarchies.

1 Software Testing and Quality Assurance Lecture 28 – Testing Class Hierarchies.
1 CS 501 Spring 2008 CS 501: Software Engineering Lecture 16 Object Oriented Design 2.

1 CS 501 Spring 2008 CS 501: Software Engineering Lecture 16 Object Oriented Design 2.
MSIS 110: Introduction to Computers; Instructor: S. Mathiyalakan1 Systems Design, Implementation, Maintenance, and Review Chapter 13.

MSIS 110: Introduction to Computers; Instructor: S. Mathiyalakan1 Systems Design, Implementation, Maintenance, and Review Chapter 13.
7M701 1 Class Diagram advanced concepts. 7M701 2 Characteristics of Object Oriented Design (OOD) objectData and operations (functions) are combined 

7M701 1 Class Diagram advanced concepts. 7M701 2 Characteristics of Object Oriented Design (OOD) objectData and operations (functions) are combined 
Software Requirements

Software Requirements
Criteria for good design. aim to appreciate the proper and improper uses of inheritance and appreciate the concepts of coupling and cohesion.

Criteria for good design. aim to appreciate the proper and improper uses of inheritance and appreciate the concepts of coupling and cohesion.
CS 5150 1 CS 5150 Software Engineering Lecture 13 System Architecture and Design 1.

CS CS 5150 Software Engineering Lecture 13 System Architecture and Design 1.
Feb. 23, 2004CS 509 - WPI1 CS 509 Design of Software Systems Lecture #5 Monday, Feb. 23, 2004.

Feb. 23, 2004CS WPI1 CS 509 Design of Software Systems Lecture #5 Monday, Feb. 23, 2004.
Dept. of Computer Engineering, Amir-Kabir University 1 Design Patterns Dr. Noorhosseini Lecture 2.

Dept. of Computer Engineering, Amir-Kabir University 1 Design Patterns Dr. Noorhosseini Lecture 2.
Chapter 10 Classes Continued

Chapter 10 Classes Continued
Developed by Reneta Barneva, SUNY Fredonia Component Level Design.

Developed by Reneta Barneva, SUNY Fredonia Component Level Design.
1 CS 501 Spring 2005 CS 501: Software Engineering Lecture 16 Object Oriented Design 2.

1 CS 501 Spring 2005 CS 501: Software Engineering Lecture 16 Object Oriented Design 2.
CS 5150 1 CS 5150 Software Engineering Lecture 16 Object Oriented Design 2.

CS CS 5150 Software Engineering Lecture 16 Object Oriented Design 2.

Similar presentations

Ads by Google