Dae-Kyoo Kim

A UML-based pattern specification technique

Informally described design patterns are useful for communicating proven solutions for recurring design problems to developers, but they cannot be used as compliance points against which solutions that claim to conform to the patterns are checked. Pattern specification languages that utilize mathematical notation provide the needed formality, but often at the expense of usability. We present a rigorous and practical technique for specifying pattern solutions expressed in the unified modeling language (UML). The specification technique paves the way for the development of tools that support rigorous application of design patterns to UML design models. The technique has been used to create specifications of solutions for several popular design patterns. We illustrate the use of the technique by specifying observer and visitor pattern solutions.

Modeling and composing scenario-based requirements with aspects

There has been significant recent interest, within the aspect-oriented software development (AOSD) community, in representing crosscutting concerns at various stages of the software lifecycle. However, most of these efforts have concentrated on the design and implementation phases. We focus in This work on representing aspects during use case modeling. In particular, we focus on scenario-based requirements and show how to compose aspectual and non-aspectual scenarios so that they can be simulated as a whole. Non-aspectual scenarios are modeled as UML sequence diagrams. Aspectual scenarios are modeled as interaction pattern specifications (IPSs). In order to simulate them, the scenarios are transformed into a set of executable state machines using an existing state machine synthesis algorithm. Previous work composed aspectual and non-aspectual scenarios at the sequence diagram level. In This work, the composition is done at the state machine level.

Using uml to visualize role-based access control constraints

Organizations use Role-Based Access Control (RBAC) to protect information resources from unauthorized access. We propose an approach, based on the Unified Modeling Language (UML), that shows how RBAC policies can be systematically incorporated into an application design. We consider an RBAC model to be a pattern which we express using UML diagram templates; RBAC policies for an application conforming to this model can be generated by instantiating these templates with values obtained from the application. The constraints of the RBAC model are expressed using the Object Constraint Language (OCL). OCL constraints, based on first-order logic, are difficult to understand. To alleviate this problem, we show how violation of such constraints can be visually represented using object diagram templates. With adequate tool support, developers can use these to demonstrate constraint violations in their applications. Our approach is illustrated using a small banking application.

Quality-driven architecture development using architectural tactics

This paper presents a quality-driven approach to embodying non-functional requirements (NFRs) into software architecture using architectural tactics. Architectural tactics are reusable architectural building blocks, providing general architectural solutions for common issues pertaining to quality attributes. In this approach, architectural tactics are represented as feature models, and their semantics is defined using the Role-Based Metamodeling Language (RBML) which is a UML-based pattern specification notation. Given a set of NFRs, architectural tactics are selected and composed, and the composed tactic is used to instantiate an initial architecture for the application. The proposed approach addresses both the structural and behavioral aspects of architecture. We describe the approach using tactics for performance, availability and security to develop an architecture for a stock trading system. We demonstrate tool support for instantiating a composed tactic to generate an initial architecture of the stock trading system.

A metamodeling approach to pattern-based model refactoring

Design patterns capture development solutions to design problems in forms that make the designs more modular, modifiable, reusable, and understandable. This metamodeling approach to pattern-based refactoring of design models incorporates the precise specification of design patterns and transformation rules.

Modeling Role-Based Access Control Using Parameterized UML Models

Organizations use Role-Based Access Control (RBAC) to protect computer-based resources from unauthorized access. There has been considerable work on formally specifying RBAC policies but there is still a need for RBAC policy specification techniques that can be integrated into software design methods. This paper describes a method for incorporating specifications of RBAC policies into UML design models. Reusable RBAC policies are specified as patterns and are expressed using UML template diagrams. Incorporating RBAC policies into an application specific model involves instantiating the patterns and composing the instantiations with the model. The method also includes a technique for specifying patterns of RBAC violations. Developers can use the patterns to identify policy violations in their models. The method is illustrated using a small banking application.

An approach to evaluating structural pattern conformance of UML models

This paper describes an approach to evaluating the structural conformance of a UML class diagram to a design pattern. A design pattern is specified in an extension of the UML that defines the pattern as a family of models. A pattern specification consists of a set of pattern roles where a role specifies the properties of a pattern participant. The approach uses a divide-and-conquer method to evaluate pattern conformance. In the approach a pattern and the model being evaluated are decomposed into blocks. Then, the model blocks are evaluated for conformance to the role blocks in the pattern. When all individual role blocks are satisfied by the model blocks, the pattern as a whole is considered to evaluate the entire conformance of the model. A major benefit of this approach is the support for variations of pattern realizations through the notion of pattern roles. We illustrate the approach using the Visitor pattern and a price calculator, and demonstrate a prototype tool that supports the approach.

Using Parameterized UML to Specify and Compose Access Control Models

Situations can arise in which organizations have to merge policies that are based on different access control frameworks, such as Role Based Access Control (RBAC) and Mandatory Access Control (MAC). Integrating policies requires addressing the following question: How will the integration impact access to protected resources? In particular, one needs to determine that the integration does not result in security breaches or unavailability of resources. A way of addressing these concerns is to model the access control frameworks, compose the models, and analyze the resulting model to identify problems. In this paper we outline a technique for modeling and composing access control policy frameworks. Specifically, we model RBAC and MAC using a variant of the Unified Modeling Language (UML) and show how to compose the models. The composed model can be used as a base for defining access control policies in a military domain.

An approach to precisely specifying the problem domain of design patterns

The problem domain of a design pattern describes the problem context in which the pattern can be applied. In general, determining the applicability of a pattern to a particular problem heavily relies on the knowledge and experience the developer has with the pattern. This significantly limits the use of patterns. To address this issue, we propose an approach for rigorously specifying the problem domain of patterns. This approach systematically guides one to develop rigorous specifications of a patterns problem domain using a precise notation. The resulting specifications can be used to develop tool support for automatic evaluation of pattern applicability. We describe the approach using the Visitor pattern, and show how the resulting specification can be used to evaluate pattern applicability for a particular problem model. We also demonstrate tool support for the approach.

Evaluating pattern conformance of UML models: a divide-and-conquer approach and case studies

A design pattern is realized in various forms depending on the context of the applications. There has been intensive research on detecting pattern instances in models and in implementations. However, little work addresses variations of pattern realization. This paper describes an approach for evaluating conformance of pattern variations. This approach uses a divide-and-conquer strategy to evaluate the structural conformance of a UML class diagram to the solution of a design pattern. A design pattern is specified in an extension of the UML that defines the pattern in terms of roles. To demonstrate the approach, we use the Visitor pattern and two case studies of a price calculator and a word processor. We also present a prototype tool that supports the approach.