Extensions to the self protecting object model to facilitate integrity in stationary and mobile hosts

Brandi, Wesley

13 March 2014

M.Sc. (Computer Science) / In this dissertation we propose extensions to the Self Protecting Object (SPO) model to facilitate the sharing of information in a more effective manner. We see the sharing ofinformation as the sharing of objects that provide services. Sharing objects effectively is allowing the objects to be used in a secure environment, independent of their location, in a manner usage was intended. The SPO model proposed by Olivier [32] allows for objects in a federated database to be moved from one site to another and ensures that the security policy of the object will always be respected and implemented, regardless of its location. Although the SPO model does indeed allow for objects (information) to be shared effectively, it fails to address issues of maintaining integrity within objects. We therefore define the notion of maintaining integrity within the spa model and propose a model to achieve it. We argue that ensuring an SPO is only used in a way usage was intended does not suffice to ensure integrity. The model we propose is based on ensuring that modifications to an SPO are only executed if the modification does not violate the constraints defined for the Sf'O, The model" allows for an spa to maintain its unique identity in addition to maintaining its integrity. The SPO model is designed to be used in a federated database on sites that are stationary. Therefore, having addressed the issue of maintaining integrity within SPOs on stationary sites in the federated database, we then introduce the notion of a mobile site: a site that will eventually disconnect from the federated database and become unreachable for some time. Introducing the mobile site into the federated database allows us to propose the Mobile Self Protecting Object (MSPO) and its associated architecture. Because of the nature of mobile sites, the original model for maintaining integrity can not be applied to the MSPO architecture. We therefore propose a mechanism (to be implemented in unison with the original model) to ensure the integrity of MSPOs on mobile sites. We then discuss the JASPO prototype. The aim of the prototype was to determine if the Self Protecting Object model was feasible using current development technologies. We examine the requirements identified in order for the prototype to be successful and discuss how these were satisfied. Several modifications were made to the original spa model, including the addition of a new module and the exclusion of others, we discuss these modifications and examine why they were necessary.

Internetworking (Telecommunication)

Internet domain names

The audit implications of object-oriented programming

Murphy, Ninette

18 February 2014

M.Com. (Computer Auditing) / During the last few decades the hardware of a computer system has undergone repeated revolutions. On the other hand the software development process has remained largely unchanged. The advent of the Information Age has, however, necessitated major improvements in the software development process. Object-Orientated Programming is seen as the vehicle by which this can be achieved. The use of object-orientation involves the auditor in two major areas. Firstly, the auditor may be involved in advising as to which systems engineering process to use and secondly, to assess the influence of the systems engineering process on the control environment of the client's computer system. In this dissertation, both the use of object orientation as a systems engineering methodology and the implications of this methodology on the control environment are discussed. Object-Orientated Programming can be broken down into the three main features, encapsulation, inheritance and interfaces. Encapsulation implies that both the data and processes that are permissible on that data, should be encapsulated as a single entity, known as an object. Inheritance on the other hand can be thought of as a specialisation of objects, to form a hierarchy of objects. Inheritance is, therefore, a way of sharing information between objects but with additional features to change or add certain attributes or methods of other objects. The external powers of an object are completely circumscribed by message passing. The only way in which an object can be addressed is to send a message to the object. This is done by the specific interfaces between the objects.

Auditing - Data processing

Secure object-oriented databases

Olivier, Martin Stephanus

07 October 2014

D.Phil. (Computer Science) / The need for security in a database is obvious. Object-orientation enables databases to be used in applications where other database models are not adequate. It is thus clear that security of object-oriented databases must be investigated...

Computers - Access control

A formalism for object-based information systems development

Takagaki, Ken

January 1990

Most current approaches to Information Systems Development (ISD) tend to derive from past experience and practice, rules of thumb and technology trends. The lack of theoretical foundations hinders the systematic development and evaluation of new ISD methodologies. The research undertaken in this thesis addresses this issue by proposing a formal, theory-based model, Ontology/Object-Based Conceptual Modelling (OBCM), for conceptually representing IS applications. The formalism is novel in that it is grounded in first principles derived from metaphysics, in particular the system of Ontology developed by Mario Bunge. Underlying this approach is the premise that an Information System is a model of reality and that model should be therefore rooted in a theory of reality, ie. a metaphysics. As a result, basic assumptions in reality such as thing, substance, property, attribute, time, state and change are explicitly and rigorously addressed. OBCM features an ontologically well-defined construct, "object", which is used to directly represent entities in reality, thus lending theoretical credence to the so-called object-oriented paradigm found in recent programming languages and databases. In addition, the thesis presents a framework, Ontology/Object-Based Information System (OBIS), for systems implementation based on this model. This framework directly implements the object construct so that it can be immediately utilized by the information systems user in a "direct manipulation" style of end-user interaction. Further, OBIS strives for a single, homogeneous concept of system operation drawn from ontology rather than in terms of IS or computing technology. In principle, this one concept can be applied to any object in the IS, this simplifying the understanding and use of the Information System. In this way, the model attempts to unify the analysis, implementation and user-interface aspects of Information Systems Development, thereby reducing the so-called "semantic gap" which has often been observed between the reality of the application and its final implementation in an IS. A "proof of concept" prototype is described which illustrates the main principles and explores practical applications of the proposed model. This prototype is implemented as a single, stand-alone "shell" which can be used to support a wide variety of applications as well as providing the basis of a rapid prototyping or CASE tool. The prototype is used to implement sample problems including the well-known IFIP Working Conference problem, thus demonstrating the feasibility of the overall approach. / Business, Sauder School of / Graduate

Issues in designing a distributed, object-based programming system

Chin, Roger Steven

January 1988

Objects are entities which encapsulate data and those operations which manipulate the data. A distributed, object-based programming system (or DOBPS) is a distributed operating system which has been designed to support an object-based programming language and, in particular, an object abstraction. DOBPSs have the benefits of simplifying program construction and improving the performance of programs by providing efficient, system-level support for the abstractions used by the language. Many DOBPSs also permit hardware and software failures to be tolerated. This thesis introduces a definition for the term "distributed, object-based programming system" and identifies the features, that are related to objects, which are required by an operating system of a DOBPS. A classification scheme is presented that categorizes and characterizes these features to permit a number of implementation techniques to be easily examined, compared, and contrasted. / Science, Faculty of / Computer Science, Department of / Graduate

Compressibility as Proxy for Readability

Hansson, Axel, Lönnqvist, Marcus

January 2021

This study’s main objective is to examine if there is acorrelation between readability and compressibility of Java code. The code readability is important to softwaremaintainability and the comprehension of the code, and thiscan be verified and tested with a range of different metricssuch as B&W, Scalabrino and Dorn’s readability metric.Should there exist a correlation, compressibility could proveto be a simple yet useful readability metric.Data compression is when code or data is encoded usingfewer bits that its original size. There are several algorithmsto do this, and this study works with some of the mostpopular methods. To examine the correlation, we first testedthe different compression algorithms against each other tosee if there was a major difference in size of the resulting file.After that we compared the compressibility between twodifferent types of written code, with previously establisheddifferences in readability.All in all, the source code from a total of 20 popular GitHubprojects were tested with 3 compression algorithms tocompare the differences between the algorithms. For thecompressibility comparisons between code as relating toreadability, a combined total of 104 code snippets weretested, 52 of each compared coding paradigm.Result: For the first test we concluded that there was nosignificant difference between the compression rates of thealgorithms, ending up roughly within 4% or less of eachother on average.The second result reveals a small difference incompressibility between sets of code using reactive Java andobject-oriented Java. These two paradigms are showing adifference in readability according to earlier research, thoughthe difference in compressibility was so small that it wasconsidered negligible. This is due to a lack of variety ofsnippets tested and the difference can largely be attributed tothe small file sizes of some snippets. The smaller filesincreased in size due to the compression adding an“overhead” when a file is compressed. This is morenoticeable on smaller files which this study tested a lot of.In conclusion, the study was unable to indicate a clearconnection between source code readability andcompressibility. Thus, it does not indicate that compressibility is a suitable proxy for readability as of now.This study does however start a conversation on a topicpreviously untouched, and we hope that this study can pointother studies in the right direction. The scope of this researchis too big to be fully explored in this study alone, and westrongly suggest future research on the topic.

Compressibility

Reliability

Proxy

Reactive

Object-Oriented

Software Engineering

Programvaruteknik

Design of multi-core dataflow cryptprocessor

Alzahrani, Ali Saeed

28 August 2018

Embedded multi-core systems are implemented as systems-on-chip that rely on packet store-and-forward networks-on-chip for communications. These systems do not use buses nor global clock. Instead routers are used to move data between the cores and each core uses its own local clock. This implies concurrent asynchronous computing. Implementing algorithms in such systems is very much facilitated using dataflow concepts. In this work, we propose a methodology for implementing algorithms on dataflow platforms. The methodology can be applied to multi-threaded, multi-core platforms or a combination of these platforms as well. This methodology is based on a novel dataflow graph representation of the algorithm. We applied the proposed methodology to obtain a novel dataflow multi-core computing model for the secure hash algorithm-3. The resulting hardware was implemented in FPGA to verify the performance parameters. The proposed model of computation has advantages such as flexible I/O timing in term of scheduling policy, execution of tasks as soon as possible, and self-timed event-driven system. In other words, I/O timing and correctness of algorithm evaluation are dissociated in this work. The main advantage of this proposal is the ability to dynamically obfuscate algorithm evaluation to thwart side-channel attacks without having to redesign the system. This has important implications for cryptographic applications. Also, the dissertation proposes four countermeasure techniques against side-channel attacks for SHA-3 hashing. The countermeasure techniques are based on choosing stochastic or deterministic input data scheduling strategies. Extensive simulations of the SHA-3 algorithm and the proposed countermeasures approaches were performed using object-oriented MATLAB models to verify and validate the effectiveness of the techniques. The design immunity for the proposed countermeasures is assessed. / Graduate / 2020-11-19

Embedded multi-core systems

object-oriented MATLAB models

FPGA

Actor systems platform design and implementation of the actor paradigm in a distributed object-oriented environment

Joshi, Nandan

27 April 2010

This project was undertaken as part of an effort to explore the design of object -oriented systems that are distributed, concurrent, real-time and/or embedded in nature. This work seeks to integrate the concurrency features of the actor model in a distributed, object oriented environment, ESP. The integrated system, called the Actor Systems Platform (ASP), provides a platform for designing concurrent, distributed applications. The actor model provides a mechanism for expressing the inherent concurrency in an application. The concurrency in the application can be exploited by the distributed features available in ESP. <p>The actor abstraction in ASP is provided by a application-level class hierarchy in ESP. The message passing semantics of the actor model are implemented by using special operator overloading in C++. Cboxes are implemented to provide a synchronization mechanism and a means of returning replies. In a concurrent system, simultaneous execution of an object's methods can cause its state to be inconsistent. This is prevented by providing a method locking mechanism using behavior sets. While integrating the concurrency features of the actor model in an object-oriented environment, differences were encountered in determining the invocation semantics of the actor model and those of inherited methods. The problem is investigated and a taxonomy of solutions is presented. / Master of Science

LD5655.V851 1993.J673

Understanding object-oriented methodology

Roy, Brian K.

17 March 2010

Master of Information Systems

LD5655.V851 1993.R69

CATY: an ASN.1-C++ translator in support of distributed object-oriented applications

Long, Wendy

24 October 2009

When heterogeneous computers exchange data over a network, they must agree on a common interpretation of the data. The OSI suite of protocols includes a standard notation, Abstract Syntax Notation One (ASN.1), for describing the structure ("abstract syntax") of data. Previous work has shown that C++ is a good language for work with layered network architectures and specifically with ASN.1: the inheritance and polymorphism features of C++ are nicely suited for work with layered protocols, which can be seen and used in object-oriented terms; a C++ class hierarchy, designed to capture the language concepts of ASN.1, successfully separates the abstract syntax (or application level) from the encoding used during transfer (the "transfer syntax" at presentation level); and the class construct and scoping rules of C++ and the design of the class hierarchy much better preserve the structure and content of ASN.1 than do past attempts with C. This report presents CATV (Class-oriented ASN.1 Translator, Yacc-based), a translator from ASN.1 to a corresponding C++ abstract syntax class hierarchy. It is shown in this report that the translations produced by CATV are preferable to those produced by other translators based on the following criteria: preservation of names and types, consistent access to elements, support of modularity and subtypes, resolution of forward references, flexibility of encoding, and generality of use. Furthermore, it is shown that CATV has better throughput than PEPSY, an ASN.1 to C translator from ISODE. / Master of Science

LD5655.V851 1994.L664