IDEAS home Printed from https://ideas.repec.org/a/spr/ijsaem/v8y2017i1d10.1007_s13198-015-0338-6.html
   My bibliography  Save this article

Towards designing of SPF based secure web application using UML 2.0

Author

Listed:
  • Nitish Pathak

    (UTU)

  • Girish Sharma

    (BPIBS, Government of NCT Delhi)

  • B. M. Singh

    (College of Engineering Roorkee)

Abstract

This paper describes UML-based foundations for model driven architecture and forward engineering of UML static models. In this paper, we propose an integrated environment for designing object-oriented enterprise models. In this projected process for Fast Prototyping, we design object models like use case diagram, sequence diagram, class diagram, etc. We use object-oriented conceptual modeling techniques to design and develop various applications like E-commerce, Banking, Comparison shopping, Ticketing, Online insurance policy management, product purchase system, etc. This paper suggests forward engineering to generate source code from object models through IBM Rational Rose software. This object oriented source code help software development team from analysis to maintenance phase as well as for round trip engineering. Due to high security concern, we have to use highly secure operating systems as a platform to run these web applications. In this regard, a number of trusted operating systems like Argus, Trusted Solaris, and Virtual Vault have been developed by various companies to handle the increasing need of security. The novel integration of security engineering with model-driven software expansion approach has various advantages. As we observe that all security checks in a Trusted Operating System is not necessary. Some non-essential security checks can be skipped by administrator to increase system performance. These non essential security checks can be easily identified at the time of requirement analysis. For example, the majority of web servers deal with pure public information. The majority of data on a web server is publicly readable and available to all users, but these users should not be capable to change the data on the web server. In this application, the need for security checks during reads from disk seems like a waste of CPU cycles. The real security need for web servers seems to be the security of write accesses, not read accesses. In this paper, we propose code generation, Class identification and Modeling for web applications through UML 2.0. Further we propose Security Performance flexibility model for the same to maintain the balance between security and performance for web applications.

Suggested Citation

  • Nitish Pathak & Girish Sharma & B. M. Singh, 2017. "Towards designing of SPF based secure web application using UML 2.0," International Journal of System Assurance Engineering and Management, Springer;The Society for Reliability, Engineering Quality and Operations Management (SREQOM),India, and Division of Operation and Maintenance, Lulea University of Technology, Sweden, vol. 8(1), pages 208-218, January.
    • Handle: RePEc:spr:ijsaem:v:8:y:2017:i:1:d:10.1007_s13198-015-0338-6
    DOI: 10.1007/s13198-015-0338-6
    as

    Download full text from publisher

    File URL: http://link.springer.com/10.1007/s13198-015-0338-6
    File Function: Abstract
    Download Restriction: Access to the full text of the articles in this series is restricted.
    File URL: https://libkey.io/10.1007/s13198-015-0338-6?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:ijsaem:v:8:y:2017:i:1:d:10.1007_s13198-015-0338-6. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.