An Integrated Secure Software Engineering Approach for Functional, Collaborative, and Information Concerns

J. A. Pavlich-Mariscal, S. Berhe, A. De la Rosa Algarín, S. Demurjian
ISBN13: 9781522539230|ISBN10: 1522539239|EISBN13: 9781522539247
DOI: 10.4018/978-1-5225-3923-0.ch012

MLA

Pavlich-Mariscal, J. A., et al. "An Integrated Secure Software Engineering Approach for Functional, Collaborative, and Information Concerns." Computer Systems and Software Engineering: Concepts, Methodologies, Tools, and Applications, edited by Information Resources Management Association, IGI Global, 2018, pp. 253-292. https://doi.org/10.4018/978-1-5225-3923-0.ch012

APA

Pavlich-Mariscal, J. A., Berhe, S., Algarín, A. D., & Demurjian, S. (2018). An Integrated Secure Software Engineering Approach for Functional, Collaborative, and Information Concerns. In I. Management Association (Ed.), Computer Systems and Software Engineering: Concepts, Methodologies, Tools, and Applications (pp. 253-292). IGI Global. https://doi.org/10.4018/978-1-5225-3923-0.ch012

Chicago

Pavlich-Mariscal, J. A., et al. "An Integrated Secure Software Engineering Approach for Functional, Collaborative, and Information Concerns." In Computer Systems and Software Engineering: Concepts, Methodologies, Tools, and Applications, edited by Information Resources Management Association, 253-292. Hershey, PA: IGI Global, 2018. https://doi.org/10.4018/978-1-5225-3923-0.ch012

Abstract

This chapter explores a secure software engineering approach that spans functional (object-oriented), collaborative (sharing), and information (Web modeling and exchange) concerns in support of role-based (RBAC), discretionary (DAC), and mandatory (MAC) access control. By extending UML with security diagrams for RBAC, DAC, and MAC, we are able to design an application with all of its concerns, rather than deferring security to a later point in the design process, where it could have significant impact and require potentially wide-ranging changes to a nearly completed design. Through its early inclusion in the software design process, security becomes part of the application design, with separate abstractions for security provided via new UML diagrams. From these new UML diagrams, it is then possible to generate security policies and enforcement code for RBAC, DAC, and MAC, which separates security from the application. This modeling and generation allows security changes to have less of an impact on an application. The end result is a secure software engineering approach within a UML context that is capable of modeling an application's functional, collaborative, and information concerns.