Browse > Article
http://dx.doi.org/10.9708/jksci/2012.17.12.169

A Development of the Unified Object-Oriented Analysis and Design Methodology for Security-Critical Web Applications Based on Object-Relational Database - Forcusing on Oracle11g -  

Joo, Kyung-Soo (Dept. of Computer Software Engineering, SoonChunHyang University)
Woo, Jung-Woong (Dept. of Computer Software Engineering, SoonChunHyang University)
Abstract
In the development process of application systems, the most important works are analysis and design. Most of the application systems are implemented on database system. So, database design is important. Also, IT System are confronted with more and more attacks by an increase interconnections between IT systems. Therefore security-related processes belong to a very important process. Security is a complex non-functional requirement that can interaction of many parts in the system. But Security is considered in the final stages of development. Therefore, Their increases the potential for the final product to contain vulnerabilities. Accordingly, Early in development related to security analysis and design process is very important. J2EE gives a solution based on RBAC((Role Based Access Control) for security and object-relational database also has RBAC for security. But there is not a object-oriented analysis and design methodology using RBAC of J2EE and object-relational database for security. In this paper, the unified object-oriented analysis and design methodology is developed for security-critical web application systems based on J2EE and object-relational database. We used UMLsec and RBAC of object-relational database and J2EE for this methodology.
Keywords
Object-Oriented Analysis Design; Object-Relational Database; RBAC; J2EE; Security;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 Brett D. McLaughlin, Gary Pollice, David West, Head First Object Oriented Analysis & Design, Hanbit Media. Inc, pp. 96-103, 2007.
2 Han Jeong-Su, Kim Gwi-Jeong, Song Yeong-Jae, Introduction to UML : Object-Oriented Design as in a friendly learning, Hanbit Media. Inc, pp. 58-66, 2009.
3 Madan, s, "security Standards Perspective to Fortify Web Database Applications From Code Injection Attacks", International Conference on Intelligent Systems, Modelling and Simulation(ISMS), pp. 226-230, Jan 2010.
4 lqra Basharat, Farooque Anam, Abdul Wahab Muzaffar, "Database Security and Encryption: A Survey Study", International Journal of Computer Application, Vol. 47, No. 12, June 2012.
5 Cho Wan-su, "UML 2 & UP Object-Oriented Analysis&design", pp.189-205, Hongrung Publishing Company, 2005.
6 Chae Heung-Seok, Object-oriented CDB Project for UML and Java as learning, Hanbit Media. Inc, pp. 290-960, 2009.
7 Jho Do-hyung, Joo Kyung-Soo, "Development of Integrated Design Methodology for Relational Database Application -Focusing on Object-Oriented Analysis and Design Methodology-", Korea Society of Computer Information, Vol. 16, No. 11, 2011.   과학기술학회마을   DOI   ScienceOn
8 Oracle Corporation, Oracle 11g SQL Reference Release 2 (11.2), www.oracle.com, 2011.
9 G.Popp, J. Jurjens, G.Wimmel, R. Breu, "Security-Critical System Development with Extended Use Case", Asia-Pacific Software Engineering Conference, 5-1 self, 2003.
10 Jho Do-hyung, Joo Kyung-Soo, "UML Extension for Object-Relational Database Design - Focusing on Oracle11g-", Korea Society of Internet Infomation, Vol. 12, No. 6, pp.149-159, December 2011.   과학기술학회마을
11 Kathy Sierra, Bert Bates, Bryan Basham, Head First Servlet & JSP, Hanbit Media. Inc, pp. 683-721, 2009.
12 Khaleel Ahmad, Jayant Shekhar, Nitesh Kumar, K.P.Yadav, "Policy Levels Concerning Database Security", International Journal of Computer Science & Emerging Technologies, Vol. 2, No. 3, June 2011.
13 ISO(International Standardization Organization), ISO/IEC 9075-11:2008, www.iso.org, 2011.
14 E. Marcos, B. Vela, J. M. Cavero, "A Methodology for Object-Relational Database Design Using UML", 12th International Conference and Workshop on Database and Expert Systems and Applications, 2001.
15 E. Marcos, B. Vela, J. M. Cavero, "Aggregation and Composition in Object-Relational Database Design", Fifth East European Conference on Advances in Databases and Information Systems, 2001.