An Authentication-Oriented Approach to Model the Crosscutting Constraints in Sequence Diagram Using Aspect OCL

Abstract

The modeling of software functional requirements is very important in the development of software systems. In addition, it is also highly important to model security requirements, specifically authentication requirements, to prevent security risks and threats at the design level. The authentication requirements impose various constraints on granting access to only legitimate users to use computer resources. These constraints play an important role in the modeling of functional and authentication concerns of software systems. However, due to their crosscutting nature, their modeling results in pervasiveness across several design models. These constraints crosscut other constraints, which raises the problems of tangling and scattering. As a result, it is highly difficult to manage and maintain the constraints put on design models. Moreover, taking ad hoc approaches to deal with these constraints in complex systems is likely to result in faulty design models. All the existing approaches only deal with crosscutting behavior and completely ignore the crosscutting constraints. Therefore, our main research objective is to improve the modeling of crosscutting constraints and remove the scattering and tangling problems. For this purpose, we propose an authentication-oriented approach to modeling these constraints using the aspect-oriented technique. Using this approach, two case studies are implemented. Finally, the results show that the tangling and scattering problems are eliminated by separately modeling the crosscutting constraints as aspects using aspect OCL. This reduces the overall number of constraints and lowers the maintenance and management effort, which ultimately reduces the complexity of sequence models. The constraint-oriented sequence models are successfully verified, which shows that the output models are correct and complete. To conclude, our research approach is more useful and effective than the other approaches as it covers all the necessary steps required for functional and authentication behavior and constraint modeling.