SecurityArena

Guide to Practical Info Security!

CBK Applications and Systems Development Security (Part-2)
Written by Administrator   
Friday, 10 July 2009 13:53

Phases of object-oriented design and development

Specification

During this stage a rough idea of the purpose of the subsystem and the services it will provide is proposed.
Exploratory Design

During this stage key objects and their interactions are modeled. An initial pass is made at defining each key class’ role and responsibilities. Several additional layers of each subsystem design can be elaborated. Services available to objects outside the subsystem are specified in greater detail.
Detailed modeling 

This stage involves extensive review and refinement of the initial model. Classes are scrutinized for appropriate factoring of responsibilities to minimize inter-object dependencies and simplify the design. New supporting classes may be created to further reduce coupling between classes. Permissible patterns of collaboration between objects can be formalized through contracts that spell out the services used by specific clients. Finally, class inheritance hierarchies can be developed.

Implementation Phase

The system is actually coded and built.

Integration

A crucial point in any large application comes when subsystems developed in relative isolation (after agreeing upon basic inter-subsystem interactions and publicly available services) are made to work together. Test stub methods and objects are replaced by their application stand-ins. It is at this stage that hidden assumptions about the services provided and/or the expected patterns of usage are uncovered, and the design might once again need readjusting.
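
An added example, not part of the original article: the contracts from the detailed modeling stage enforced in Python, and the stub-to-application swap from the integration stage exposing a hidden assumption. The account classes, the client names and the CONTRACTS table are hypothetical.

```python
class ContractViolation(Exception):
    """Raised when a client uses a service outside its contract."""

# Hypothetical contracts: the services each client is permitted to use.
CONTRACTS = {
    "billing": {"get_balance"},
    "admin": {"get_balance", "close_account"},
}

class ContractProxy:
    """Exposes to one client only the services its contract names."""
    def __init__(self, target, client):
        self._target = target
        self._client = client
        self._allowed = CONTRACTS[client]

    def __getattr__(self, name):
        # Reached only for names not set on the proxy itself.
        if name.startswith("_") or name not in self._allowed:
            raise ContractViolation(f"{self._client} may not call {name}")
        return getattr(self._target, name)

class AccountStub:
    """Test stub used while the subsystems were built in isolation."""
    def get_balance(self, account_id):
        return 0  # accepts any id: the hidden assumption
    def close_account(self, account_id):
        return True

class AccountService:
    """Application object that replaces the stub at integration."""
    def __init__(self):
        self._balances = {"A-1": 120}  # constructed sample data
    def get_balance(self, account_id):
        if account_id not in self._balances:
            raise KeyError(account_id)
        return self._balances[account_id]
    def close_account(self, account_id):
        return self._balances.pop(account_id, None) is not None

def call(impl, client, service, *args):
    """Invoke a service through the client's contract and report the outcome."""
    try:
        return ("ok", getattr(ContractProxy(impl, client), service)(*args))
    except ContractViolation:
        return ("denied", None)
    except KeyError as exc:
        return ("error", exc.args[0])
```

Running the same calls against `AccountStub()` and `AccountService()` shows the difference: an unknown account id succeeds against the stub but fails against the application object, while the contract denies `close_account` to the billing client in both cases.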
Validation

It is necessary to validate the behavior of individual components and the overall behavior of major subsystems in the actual working environment.
Cleanup

A relatively minor sweep through the classes and working code can often provide dramatic improvements in performance, code clarity, robustness and, importantly, security.
Generalization for broader utility

This activity needs to be carefully planned. Not all subsystems are significant enough or have enough potential utility to merit this extra effort without compromising security.

Computer-aided software engineering (CASE)

CASE tools aid in keeping more detailed records of requirements, design, and implementation, and in testing the program and the project overall. When the automation covers the complete life cycle of a product, the tools are referred to as integrated computer-aided software engineering (I-CASE) tools. Many CASE tools utilize rapid prototyping technologies that enable applications to be developed faster with higher quality and lower cost.



Last Updated on Friday, 28 August 2009 05:04
 