Towards designing of SPF based secure web application using UML 2.0

  • Original Article
International Journal of System Assurance Engineering and Management

Abstract

This paper describes UML-based foundations for model-driven architecture and forward engineering of UML static models. We propose an integrated environment for designing object-oriented enterprise models. In the proposed process for Fast Prototyping, we design object models such as use case diagrams, sequence diagrams, and class diagrams. We use object-oriented conceptual modeling techniques to design and develop various applications, such as E-commerce, Banking, Comparison shopping, Ticketing, Online insurance policy management, and product purchase systems. This paper suggests forward engineering to generate source code from object models through IBM Rational Rose software. This object-oriented source code helps the software development team from the analysis phase to the maintenance phase, as well as with round-trip engineering. Because of the high security concern, these web applications have to run on highly secure operating systems. In this regard, a number of trusted operating systems, such as Argus, Trusted Solaris, and Virtual Vault, have been developed by various companies to handle the increasing need for security. The novel integration of security engineering with the model-driven software expansion approach has various advantages. We observe that not all security checks in a Trusted Operating System are necessary. Some non-essential security checks can be skipped by the administrator to increase system performance. These non-essential security checks can be easily identified at the time of requirement analysis. For example, the majority of web servers deal with purely public information. The majority of data on a web server is publicly readable and available to all users, but these users should not be able to change the data on the web server. In this application, security checks during reads from disk seem like a waste of CPU cycles. The real security need for web servers seems to be the security of write accesses, not read accesses.
In this paper, we propose code generation, class identification, and modeling for web applications through UML 2.0. Further, we propose a Security Performance Flexibility (SPF) model to maintain the balance between security and performance for web applications.



Corresponding author

Correspondence to Nitish Pathak.


Cite this article

Pathak, N., Sharma, G. & Singh, B.M. Towards designing of SPF based secure web application using UML 2.0. Int J Syst Assur Eng Manag 8 (Suppl 1), 208–218 (2017). https://doi.org/10.1007/s13198-015-0338-6


  • DOI: https://doi.org/10.1007/s13198-015-0338-6
