Data access control and measure in the development of web-based health insurance systems Zhen Jiang Computer Science Department Information Assurance Center.

Slides:



Advertisements
Similar presentations
Comparison of Several Meta-modeling Tools 2 Yi Lu Computer Science Department McGill University
Advertisements

Object-Oriented Software Development CS 3331 Fall 2009.
1 Generalizations Multiple Inheritance (finishing up Class Design) Class Design – Another Look – Part 11.
Case Tools Trisha Cummings. Our Definition of CASE  CASE is the use of computer-based support in the software development process.  A CASE tool is a.
Recursive program Zhen Jiang West Chester University
UML Class Diagram. UML Class Diagrams2 Agenda What is a Class Diagram? Essential Elements of a UML Class Diagram Tips.
An Approach to Evaluate Data Trustworthiness Based on Data Provenance Department of Computer Science Purdue University.
2008/03/25 Unified Modeling Lanauage 1 Introduction to Unified Modeling Language (UML) – Part One Ku-Yaw Chang Assistant Professor.
1 Software Testing and Quality Assurance Lecture 12 - The Testing Perspective (Chapter 2, A Practical Guide to Testing Object-Oriented Software)
UML – Class Diagrams.
UML Class Diagram and Packages Written by Zvika Gutterman Adam Carmi.
1 Draft of a Matchmaking Service Chuang liu. 2 Matchmaking Service Matchmaking Service is a service to help service providers to advertising their service.
7M701 1 Class Diagram advanced concepts. 7M701 2 Characteristics of Object Oriented Design (OOD) objectData and operations (functions) are combined 
Systems Analysis & Design Sixth Edition Systems Analysis & Design Sixth Edition Toolkit Part 5.
6. 2Object-Oriented Analysis and Design with the Unified Process Objectives  Explain how events can be used to identify use cases that define requirements.
An Introduction to UML & Modeling Resources Using UML Rahul Shah EE249 Discussion Sept. 25, 2001.
©The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 4 th Ed Chapter Chapter 1 Introduction to Object-Oriented Programming.
Domain-Driven Design: Large-Scale Structure*
PRJ566: PROJECT PLANNING AND MANAGEMENT Class Diagrams.
IT 244 Database Management System Data Modeling 1 Ref: A First Course in Database System Jeffrey D Ullman & Jennifer Widom.
Documenting Software Architectures
Systems Analysis and Design in a Changing World, Tuesday, Feb 27
©The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 4 th Ed Chapter Chapter 1: Introduction to Object-Oriented Programming.
GUI: GPS-Less Traffic Congestion Avoidance in Urban Area with Inter-Vehicular Communication Presenter: Zhen Jiang or
Understand Application Lifecycle Management
1 Chapter 2 (Cont.) The BA’s Perspective on Object Orientation.
Object Oriented Analysis & Design & UML (Unified Modeling Language)1 Part V: Design The Design Workflow Design Classes Refining Analysis Relationships.
Computer Programming in BIO Lab Zhen Jiang Computer Science Department West Chester University West Chester, PA 19383
Domain Analysis Zhen Jiang West Chester University.
Presented by: CHAN LAI SAN ( ) REBAH DAW SARREB ( ) FIDA AL-OBAISI ( ) 08 April 2008 (Tuesday 6pm – 7:30pm)
Programming in Java Unit 3. Learning outcome:  LO2:Be able to design Java solutions  LO3:Be able to implement Java solutions Assessment criteria: 
Xiao Liu CS3 -- Centre for Complex Software Systems and Services Swinburne University of Technology, Australia Key Research Issues in.
CS 46B: Introduction to Data Structures June 16 Class Meeting Department of Computer Science San Jose State University Summer 2015 Instructor: Ron Mak.
MIS 673: Database Analysis and Design u Objectives: u Know how to analyze an environment and draw its semantic data model u Understand data analysis and.
CS3773 Software Engineering Lecture 04 UML Class Diagram.
Databases : Data Modeling 2007, Fall Pusan National University Ki-Joune Li.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 14 Slide 1 Object-oriented Design.
Unified Modeling Language © 2002 by Dietrich and Urban1 ADVANCED DATABASE CONCEPTS Unified Modeling Language Susan D. Urban and Suzanne W. Dietrich Department.
Modeling system requirements. Purpose of Models Models help an analyst clarify and refine a design. Models help simplify the complexity of information.
UML Class Diagram Trisha Cummings. What we will be covering What is a Class Diagram? Essential Elements of a UML Class Diagram UML Packages Logical Distribution.
An Introduction to the Unified Modeling Language
UML The Unified Modeling Language A Practical Introduction Al-Ayham Saleh Aleppo University
Lecture 1: UML Class Diagram September 12, UML Class Diagrams2 What is a Class Diagram? A class diagram describes the types of objects in the system.
UML Class Diagram Tutorial by Florin Zidaru. Outline 1. UML Class Diagram. What is it? Why do we need it? 2. Tutorial Description and Presentation. 3.
CSC115 Introduction to Computer Programming Zhen Jiang Dept. of Computer Science West Chester University West Chester, PA 19383
Design Model Lecture p6 T120B pavasario sem.
Repetition af Domæne model. Artifact influence emphasizing the Domain Model.
© 2010 Health Information Management: Concepts, Principles, and Practice Chapter 5: Data and Information Management.
CS212: Object Oriented Analysis and Design Lecture 33: Class and Sequence Diagram.
Analysis Yaodong Bi. Introduction to Analysis Purposes of Analysis – Resolve issues related to interference, concurrency, and conflicts among use cases.
1 SWE Introduction to Software Engineering Lecture 14 – System Modeling.
An Introduction to UML COMS 103 section 4 11 January, 1999.
MANAGEMENT INFORMATION SYSTEM
Data Modeling Using the Entity- Relationship (ER) Model
Unit - 3 OBJECT ORIENTED DESIGN PROCESS AND AXIOMS
Definition CASE tools are software systems that are intended to provide automated support for routine activities in the software process such as editing.
Chapter 5: Structural Modeling
Today in OOAD Today in Lab Review EU-Lease Assignment (Vision)
Chapter 19: Interfaces and Components
Loop Development Zhen Jiang Dept. of Computer Science
CST221: Database Systems (III)
Object Oriented Analysis and Design
Chapter 18: Refining Analysis Relationships
Systems Analysis Overview.
CSC115 Introduction to Computer Programming
Systems Analysis and Design With UML 2
CSC530 Data Structure - Decision
Zhen Jiang West Chester University
Zhen Jiang West Chester University
UML  UML stands for Unified Modeling Language. It is a standard which is mainly used for creating object- oriented, meaningful documentation models for.
Presentation transcript:

Data access control and measure in the development of web-based health insurance systems Zhen Jiang Computer Science Department Information Assurance Center West Chester University

Outline Introduction Problem Our approaches Conclusion

Introduction Policies Why? Unified Modeling Language (UML) design Data attribute Data access All the access of a certain data All the access by using member functions of an object (effect area) Control of data access Information leakage Fully support of access requirement Redundant access path

Problem Control on member functions and relationships between classes Control on basic relationships (generalization, aggregation, and association) and their usage in our insurance systems Control in design phrase

Our approaches Design framework of web-based health insurance systems Quickly catch the complex relations in real world and map to UML diagram Simple system, easy to analyze Measure the (possible) accesses of a certain class To check if the requirement of all those accesses can be met (completeness check) To check if the access is feasible (the permission is assigned) To avoid adding redundant access path To provide information for future access conflict analysis

Our approaches Design of our health insurance systems

Our approaches Generalization, association, and aggregation Association is basic relation. Class A is a super class of class B if and only if any object of class B can also play the role as an object of class A. Class A, as the whole class, has a whole-part relationship with class B if and only if any object of class B belonging to an object of class A has a member function involved in the action of a member function of the later one as a part of that. Association class of two classes A and B will be consider a part of relationships between classes A and B. All-to-all aggregation is used for multilayer implementation.

Our approaches Discovery: It could be much easier for us to draw a UML class diagram if we start from the analysis of relationships of components. The more natural the relationships between UML classes, the easier we read and understand the UML design, the easier and faster the development and maintenance of such a system.

Our approaches Data access by member functions Data access defined in the same class Data access from other class Rules for assignment of call permission of member functions propagating along all kinds of relations. Rule 1: For any two classes A and B, if A is subclass of B, P(A, B)=true. Rule 2: For any two classes A and B, if A is association related to B, P(A, B)=true. Rule 3: For any two classes A and B, if A is whole class of B, P(A, B)= true. Rule 4: For any association class A of two association related classes B and C, P(A, B)=P(A,C)=P(B,A)=P(C,A)=true. Rule 5: In a multi-layer system, if class A is in the upper layer and class B is in the lower layer, P(A,B)=true.

Our approaches Permission assignment collected in set of access permission (SOAP) Initially, SOAP(C)={C} for each class C. Based on rules 1-5, find Re(C)={X| P(C,X) =true}. Repeat SOAP(C) = SOAP(C)  {Y|Y  SOAP(X)  X  Re(C)} in each round until there is no change of any SOAP.

Our approaches

For each class C in our system, we provide a new measure U(C)={ X|C  SOPA(X)} to see all the places in which the member function(s) of class C could be used (directly or indirectly).

Our approaches

No redundant access path All access will be ensured in design phrase Completeness check process to build assurance of data access of class C. For any existing class X  U(C), check if class X needs to call any member function f of C although the permission has been assigned. When such X is not found in SOAP(C), only check if C's member functions support the requirement of X. If not, redesign the member functions of C. When such X is also found in SOAP(C), both X and C needs check at the same time and may need redesign if there is conflict or inconsistency among their member functions.

Conclusion Control and measure in design phrase A control solution from the side of computer science Impact analysis

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.