Modeling Systems by Separating Application & Security Concerns
Complex application systems are modeled by separating application and security concerns. By careful separation of concerns, security requirements for security services in the software architecture can be modeled separately from application concerns using the UML notation. This modeling approach reduces system complexity caused by mixing security requirements and designs with application requirements and designs with the goal of making complex systems more maintainable and reusable. This research addresses separation of application and security concerns in the implementation phase of software development. Security components are separated from application components in the software architecture and are implemented via security aspects with aspect-oriented programming, whereas application components are implemented through objects with object-oriented programming. A security aspect is committed whenever an object needs the security aspect. A business-to-business (B2B) electronic commerce system is used to validate the proposed research.