UConn CSE 298/300 - User Role Based Security


User Role Based Security for Object-Oriented Systems/Applications
Overview of Presentation
An Object-Oriented Design Model
OTs, Attributes, and Methods
Encapsulation and Hiding
Profiles to Track Design Data
Attribute Profile
Method Profile
Object Type Profile
Slide 10
Inheritance Variants
Four T-LEVEL Combinations
What Dictates Correct Variant?
C++ Equivalents for Variants
Impact on Code Generation
Slide 16
Three I-LEVEL Combinations
Slide 18
C++: (REGULAR, FULL) Inheritance
C++: (LEAF, RESTR1) Inheritance
Glossary of Protection and Security Terms
Slide 22
Slide 23
Slide 24
Review Fundamental Security Issues
Review Policy & Mechanism
Review Authentication
Review Authorization
Review User Authentication
Review Network Authentication
Review What are Available Security Approaches?
Security in Software Applications Focusing on DAC and URBS
Motivation User-Role Based Security for OO
Focusing on DAC and URBS
What are Key Security Concepts?
URBS for OO Systems/Applications
What is User-Role Based Security (URBS)?
Motivating Security for OO Paradigm
Why is URBS Needed?
Slide 40
What is URBS Approach?
FYI: The ADAM Environment
OO Design Model Enhancements
The Health Care Application - OTs
Slide 45
Slide 46
The Health Care Application - RTs
The User Role Definition Hierarchy
User Role Definition Hierarchy for HCA
User Role Definition Hierarchy for HTSS
Privilege Definition Process
Privilege Acquisition Process
Node Profiles and Privileges
Node Descriptions Examples from HCA
Role Security Requirements Examples from HCA
Assignment of Methods Positive Privileges for Nodes
Implied Methodology for Assignment
Two Important Concepts
Prohibited Methods Non-Allowed Actions/Negative Privileges
Consistency Criteria Relationships Between URDH Nodes
A Complete Node Profile
The Software Development Environment (SDE) Example
The SDE URDH
Notation: Extending PPI Concepts
The SDE URDH with Assigned Methods “Lousy” Assignment
Overview: Assigned Methods
Detailed Scope and Rational How are Flaws Identified/Corrected?
Revising Privileges via URDH
Slide 69
Revising Privileges via OTs
The SDE URDH with Assigned Methods Revised “Better” Assignment
Last Thoughts on SDE Example
Security Issues for OO Paradigm
Encapsulation, Hiding, and Inheritance
What's in an OO Application?
Slide 76
Polymorphism, Dispatching, Overloading All Three Embody Security Concepts!
Object-Oriented Paradigm Claims
Security Issues and Approaches
Related Work -- All Examine Generated Code to Realize Security
Core Level URBS Approaches
General Solution Issues
Goals for URBS Enforcement Mechanism
Slide 84
Slide 85
Quantifying URBS Approaches
Brute Force Approach
Slide 88
User-Role Subclassing Approach
Slide 90
Slide 91
Slide 92
Slide 93
User-Role Subclassing Approach Application Code Still UR Specific
URDH Class Library Approach
URDH Class Library Approach Partial Class Hierarchy for URDH
URDH Class Library Approach URDH Classes
URDH Class Library Approach Impact on Application Classes
Slide 99
Slide 100
Slide 101
Comments on URDH Class Library Approach
Compare/Contrast the Three Approaches
Advanced URBS Approaches
Generic URSA (GURSA)
The Item.h File
The Prescription.h File
The Staff RN Prescription.h File (s_pres.h)
The Attending MD.h File (a_pres.h)
Generic_Prescription Template
The Main Program - GURSA
Slide 112
Comments on GURSA
Minimizing Conditional What are Problems Here?
Basic Exception Approach (BEA)
Modifications to Prescription Class
Prescription Implementation Pseudo-Code to Illustrate Concepts
main() Program for BEA
Slide 119
Comments on BEA
Generic Exception Approach (GEA)
Generic Security Template
Generic Security Implementation
The Item Header Class
The Prescription Header Class
Prescription Implementation
Comments on GEA
Advanced Exception Handling
Revised Generic Security Template
Slide 130
Slide 131
Compare/Contrast the Four Exception Handling Based Approaches
Software Architectures for Consistency and Assurance of URBS Policies
Context and Objectives
Background and Objectives
Focus
Overview
Assurance, Consistency, and Analyses
Consistency for User-Roles URs for OO Systems are Dynamic
Consistency for End User Authorizations URs for OO Systems are Dynamic
Concepts and Definitions
Layered System Version 1 LS1: Application-Based Approach
Layered System Version 2 LS2: Class-Based Approach
Communicating Processes Version 1 CP1: Single Process, Base Case, no C/S
Communicating Processes Version 2 CP2: Multi-Process/Shared AppCL
Communicating Processes Version 3 CP3: Multi Process/Shared SCL/AppCL
Communicating Processes Version 4 CP4: C/S, Replctd SCL/Shared AppCL
Comparison of Variants
Critique of Variants Summary/Assessment of 6 Variants
Concluding Remarks on SW Architectures

CSE333 URBSOO-1
User Role Based Security for Object-Oriented Systems/Applications
M.-Y. Hu, S. Demurjian, T.C. Ting
Computer Science & Engineering Department
The University of Connecticut
Storrs, Connecticut 06269-3155
{steve, [email protected]://www.engr.uconn.edu/~steve
(860) 486 - 4818

CSE333 URBSOO-2
Overview of Presentation
- Object-Oriented Design Model Concepts
- Review: Approaches/Concepts of Security
- Motivation of URBS for OO
- User Role Based Security for Discretionary Access Control
  - Concepts and Issues
  - URBS Example for SDEs
  - Security Issues for OO Paradigm
  - URBS Approaches - OO and C++
  - Advanced Security Code Generation
  - Software Architectures for URBS
- Reflections and Comments

CSE333 URBSOO-3
An Object-Oriented Design Model
- Assumptions of OO Design Model
- Vocabulary:
  - What are Object Types?
  - Attributes?
  - Methods?
- Public Interface vs. Hidden Implementation
- Concept of a Profile
- Inheritance and its Variants

CSE333 URBSOO-4
OTs, Attributes, and Methods

CSE333 URBSOO-5
Encapsulation and Hiding

CSE333 URBSOO-6
Profiles to Track Design Data
- Profiles Contain Detailed Requirements on the Semantic Contex(n)t for All Constructs of Application
- Force SWEs to Supply Detailed Design Info. As Application is Designed

