Figure 6 - uploaded by Edgar Weippl
Content may be subject to copyright.
Source publication
Today, security is considered to be an important aspect of multi-tier application development. Thoroughly researched concepts for access control exist and have been proven in mainframe computing. However, they are often not used in today's development of multi-tier applications. One reason may be the lack of appropriate reusable components that sup...
Context in source publication
Similar publications
Numerous applications, ranging from disaster management to smart buildings, have been proposed for sensor networks. The practicality of these applications depends on the ability of users to interact with these networks, in many cases in real time. In this paper we propose that cell phones interact with sensor networks and obtain the relevant inform...
Peer-to-peer-networking has lately become one of the most popular applications used in the Internet. Today's applications allow users to share files, offer processing power to other entities and do collaboration by using software which is relatively easy to use. This paper studies possible applications of mobile agents within peer-to-peer-networks...
While wireless sensor networks are proving to be a versatile tool, many of the applications in which they are implemented have sensitive data. In other words, security is crucial in many of these applications. Once a sensor node has been compromised, the security of the network degrades quickly if there are not measures taken to deal with this even...
Citations
... To provide a flexible platform for component execution, the sandbox must include flexible security policy management features. There are significant differences in the approaches prescribed by Sun's Java Virtual Machine and the Common Language Runtime from Microsoft [59]. These must be considered when determining the technical platform for the application. ...
Security is a cross-cutting concern in software intensive systems and should consequently be subject to careful architectural analysis and decision making. The requirements for costeffective product line development complicate this task. Two central research questions are addressed in this chapter (1) Is it viable to represent architectural security knowledge in a reference architecture? (2) If so, is such a reference architecture useful for security architecture design in software product lines? Initial evidence suggests that both questions can be affirmed. The main contribution of this chapter is a reference architecture that draws upon state-of-the-art techniques and practices from software product line engineering and information security and constitutes a decision support framework for security architecture design in software product lines. To validate the reference architecture, the chapter also presents our experiences from using it at three distinct companies.
... While the communication component is intended to be used in new development and re-factoring, the tainted-input approach is independent of source code, enabling use in already deployed software. Probst et al. argue the need for reusable high-level security constructs [22]. They describe a framework called Generic Authorization Mechanisms for Multi-Tier Applications (GAMMA) that offers authentication, access control , and auditing mechanisms. ...
Internet-related crime is increasing at a rapid rate. Attack-ers exploit weaknesses in the Web's underlying communi-cation protocols, which were originally designed for a non-hostile environment. Meanwhile, society is facing a large deficit of security trained people that can remedy the sit-uation. The development of secure software is simply too complex for most of today's IT professionals. In this pa-per, we present a communication component that reduces the complexity involved in engineering secure client-server applications, thereby enabling software practitioners to de-velop more secure systems. Specifically, we propose a so-lution based on a Public Key Infrastructure, that encap-sulates communication, allowing programmers to focus on high-level application development issues.
Developing secure web applications is a difficult task because the original purpose of the World Wide Web (WWW) was to freely share information. This paper presents a prototype for a platform-independent secure geospatial visualization and collaboration web application. This system is developed using object-oriented system design methodology. It integrates software engineering, web security, visualization and Java technologies with the WWW to enable production, dissemination, and use of imagery and geospatial information on a hierarchical level through the WWW. Several visualization modules on the client side are developed using the Model-View-Controller design pattern technology. These modules are plug-in and reusable components for other similar applications. A Visualization Web Bridge and Data Providers on the server side are designed and implemented to bridge the gap between the Internet users and the remote geospatial databases. Several Internet security mechanisms are implemented to secure system configuration, to authenticate and authorize data access, and to secure information sharing. The system is an open and extensible source. The application results demonstrate that this system provides a certain level of security, and that users have flexibility to query, visualize, manipulate, and analyze real-time remote geospatial data. It exhibits that multiple users in geographically dispersed organizations can conveniently collaborate and share information as well as 3D images through this system. It also demonstrates that using object-oriented system design and design pattern provides a great chance for software reuse and increases the system flexibility.
Security on electronic voting systems is fundamental; it must assure the integrity of all the elements involved or generated during a voting process. This paper presents a design of secure architectures for providing security, integrity and authenticity of the most important elements involved in an electoral process: configuration files, recorded votes and final result files. Also, different cryptographic protocols for assuring security properties of configuration and final result files are presented as a part of one of the layers of the architectures. We consider a polling place electronic voting system composed by three stages and the use of three different systems during the whole process. Our analysis of architectures and protocols shows that the designed elements assure the secure properties which an electronic voting system must fulfill.
Security on electronic voting systems is fundamental; it must assure the integrity of all the elements involved or generated during a voting process. This paper presents a design of secure architectures for providing security, integrity and authenticity of the most important elements involved in an electoral process: configuration files, recorded votes and final result files. Also, different cryptographic protocols for assuring security properties of configuration and final result files are presented as a part of one of the layers of the architectures. We consider a polling place electronic voting system composed by three stages and the use of three different systems during the whole process. Our analysis of architectures and protocols shows that the designed elements assure the secure properties which an electronic voting system must fulfill.
Developing secure web applications is a difficult task because the original purpose of the World Wide Web (WWW) was to freely share information. This paper presents a prototype for & platform-independent secure geospatial visualization and collaboration web application. This system is developed using object-oriented system design methodology. It integrates software engineering, web security, visualization and Java technologies with the WWW to enable pro-duction, dissemination, and use of imagery and geospatial informa-tion on a hierarchical level through the WWW. Several visualization modules on the client side are developed using the Model-View-Controller design pattern technology. These modules are plug-in and reusable components for other similar applications. A Visualization Web Bridge and Data Providers on the server side are designed and implemented to bridge the gap between the Internet users and the remote geospatial databases. Several Internet security mechanisms are implemented to secure system configuration, to authenticate and authorize data access, and to secure information sharing. The system is an open and extensible source. The application results demonstrate that this system provides a certain level of security, and that users have flexibility to query, visualize, manipulate, and analyze real-time remote geospatial data. It exhibits that multi-ple users in geographically dispersed organizations can conveniently collaborate and share information as well as 3D images through this system. It also demonstrates that using object-oriented system design and design pattern provides a great chance for software reuse and increases the system flexibility.
This paper addresses the need for strong security guarantees in increasingly dynamic and flexible information technology (IT) environments. It applies time-tested security principles, architectural patterns, and continuous improvement constructs to weave security controls and assurances more systemically into an IT environment. Using a building block approach and a focus on iterative refinement, organizations can transform their existing legacy deployments into resilient architectures that meet not only their security, privacy, and compliance needs, but also satisfy business goals such as increased agility, flexibility, efficiency, and availability.
