Abstract
Integrating COTS products into a composite application can reduce development effort and associated costs. A major drawback comes from interoperability problems that hinder the seamless integration of components. Two types of problems are prominent: architecture mismatch and security mismatch. Because of their distinct properties, each problem is currently analyzed separately. The results are integration solutions that are constructed in isolation. Combining these solutions can yield another set of problems if their functionality is conflicting, duplicated, or overly complex. It is imperative to address these issues in component based software development. In this paper, we depict the architectural differences among components, their security access control policies, and the integration solutions that result from independent analysis. This is the first step toward including architectural interoperability issues and security conflicts in the design of an encompassing solution for an integrated application. We show a composition of the two solutions, highlighting redundancy and complexity.
Contact author. This research is sponsored in part by AFOSR (F49620-98-1-0217) and NSF (CCR-9988320).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
OMG: CORBA Security Services Specification. (2001).
Rouvellou, I., Sutton, S., Tai, S.: Multidimensional Separation of Concerns in Middleware. In, Workshop on Multi-Dimensional Separation of Concerns, (2000).
Viega, J., Evans, D.: Separation of Concerns for Security. In, ICSE Workshop on Multidimensional Separation of Concerns in Software Engineering, (2000).
Lindqvist, U., Jonsson, E.: A map of Security Risks Associated with Using COTS. In Computer,Vol. 31(6), (1998), 60–66.
Zhong, Q., Edwards, N.: Security Control for COTS Components. In Computer, Vol. 31(6), (1998), 67–73.
Profeta, J., et al.: Safety-Critical Systems Built with COTS. In Computer, Vol. 29(11), (1996), 54–60.
Perry, D., Wolf, A.: Foundations for the Study of Software Architecture. In ACM SIGSOFT, Vol. 17(4), (1992), 40–52.
Shaw, M., Garlan, D.: Software Architecture: Perspectives on an Emerging Discipline. Prentice Hall, Englewood Cliffs, NJ, (1996).
Garlan, D., Allen, A., Ockerbloom, J.: Architectural Mismatch, or Why it is hard to build systems out of existing parts. In, 17th International Conference on Software Engineering, Seattle, WA, (1995).
Compare, D., Inverardi, P., Wolf, A.: Uncovering Architectural Mismatch in Component Behavior. Science of Computer Programming, Vol. 33(2), (1999), 101–31.
Allen, R., Garlan, D.: A Formal Basis for Architectural Connection. ACM Transactions on Software Engineering and Methodologies, Vol. 6(3), (1997), 213–49.
Magee, J., Dulay, N., Eisenbach, S., Kramer, J.: Specifying Distributed Software Architectures. In, The 5th European Software Engineering Conference, Barcelona, Spain, (1995).
Kazman, P., Bass, L., Abowd, G. and Webb, S.M.: SAAM: A Method for Analyzing the Properties of Software Architectures. In Proceedings of the International Conference on Software Engineering, (1994), 81–90.
Kazman, R., Klein, M., Barbacci, M., Lipson, H., Longsta., T., Carriere, S.: The Architecture Tradeoff Analysis Method. In International Conference on Engineering of Complex Computer Systems, Monterey, CA, (1998).
Duenas, J., Oliveira, W., Puente, J.: A Software Architecture Evaluation Model. In, ESPRIT ARES Workhop, Las Palmas: Springer Verlag, (1995), 148–57.
Davis, L., Gamble, R., Payton, J., Jonsdottir, G., Underwood, D.: A Notation for Problematic Architecture Interactions. In, Proceeding of European Software Engineering Conference/Foundations of Software Engineering, Vienna, Austria (2001).
Keshav, R.: Architecture Integration Elements: Connectors that Form Middleware. M.S. Thesis, Department of Mathematical and Computer Sciences: University of Tulsa, (1999).
Keshav, R., Gamble, R.: Towards a Taxonomy of Architecture Integration Strategies. 3rd International Software Architecture Workshop, (1998).
Sitaraman, R.: Integration of Software Systems at an Abstract Architectural Level. M.S. Thesis, Department of Mathematical and Computer Sciences: University of Tulsa, (1997).
Mularz, D.: Pattern-Based Integration Architectures. In Pattern Language of Programming, (1994).
Gong, L., Qian, X.: Computational Issues in Secure Interoperation. In, IEEE Transactions on Software Engineering, Vol. 22(1), (1996), 43–52.
Galiasso, P.: A Policy Mediation Architecture for Multi-Enterprise Environments Ph.D. Dissertation, Department of Mathematical and Computer Sciences: University of Tulsa, (2001).
Lang, U., Schreiner, R.: Flexibility and Interoperability in CORBA. Electronic Notes in Theoretical Computer Science, (2000).
Payton, J., Gamble, R., Kimsen, S., Davis, L.: The Opportunity for Formal Models of Integration. In, 2nd Int’l Conference on Information Reuse and Integration, (2000).
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Payton, J., Jónsdóttir, G., Flagg, D., Gamble, R. (2002). Merging Integration Solutions for Architecture and Security Mismatch. In: Dean, J., Gravel, A. (eds) COTS-Based Software Systems. ICCBSS 2002. Lecture Notes in Computer Science, vol 2255. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45588-4_19
Download citation
DOI: https://doi.org/10.1007/3-540-45588-4_19
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-43100-8
Online ISBN: 978-3-540-45588-2
eBook Packages: Springer Book Archive