Databases Reference
In-Depth Information
implementation but to ensure that any exceptions are captured for analysis
and for non-repudiation. Privacy relies on both authentication and auditing.
Authentication
Authorization
Privacy
Audit
Fig. 9.
Dependencies between Security Domains
Primitive intentions that are common in these four domains are addressed
and presented as stereotypes that can be applied to the UML elements in
capturing the business requirements. Figure 10 shows an example of the spec-
ification of an authentication service based on Johnson's approach [13]. In
the figure, the messages between the customer and the online bank must
be authenticated when the customer performs a wire transfer. The overall
security-related concerns can be defined without considering the underlying
technologies such as the encryption algorithms and the message formats, etc.
:Customer
:Bank
<<authentication>>
transfer(accountNo., amount)
<< authentication >>
balance
Fig. 10.
A Sequence Diagram Example with an
<<
authentication
>>
Stereotype
5.2 Policy Generation
With policy modeling, the security intentions are explicitly defined in an ab-
stract manner independent of the underlying platform and the implementation
technologies. The software developers can easily capture the security require-
ments through policy modeling as well. However, the security implementa-
tion by hand is dicult and errors often arise if the software developers lack
sucient experience, and therefore the low-level development such as policy
definition usually calls for support tools to avoid various problems.
