Model-Driven Software Development - Web Abstractions 2
•
2 likes•745 views
This document summarizes a lecture on modeling web applications. It discusses modeling web programs, software systems, and languages. It covers web abstractions like access control policies, data validation, workflow, AJAX, and search. It provides details on access control mechanisms, policies, representations, and rules. It also discusses data validation types and rules. Finally, it mentions workflow modeling for web applications.
More Related Content
Similar to Model-Driven Software Development - Web Abstractions 2
Similar to Model-Driven Software Development - Web Abstractions 2 (20)
More from Eelco Visser
More from Eelco Visser (20)
Recently uploaded
Recently uploaded (20)
Model-Driven Software Development - Web Abstractions 2
- 1. Web Abstractions 1I access control policies, data validation, workflow, ajax, search Lecture 4 Course IN4308 Eelco Visser Master Computer Science http://eelcovisser.org Delft University of Technology Wednesday, March 10, 2010
- 2. Modeling Modeling IDEs Software Systems Modeling Transforming Web Programs Software Models Implementing Software Language Web Models Engineering Strategies Modeling Make your own Software Languages Software Languages Wednesday, March 10, 2010
- 3. Web Abstractions from a declarative point of view (we’ll investigate underlying mechanisms later) Wednesday, March 10, 2010
- 4. More Web Abstractions - Access control policies ★ constraints over objects ★ role-based AC, discretionary AC - Data validation ★ form validation ★ data integrity - Workflow - Search - AJAX: accessing page fragments (templates) Wednesday, March 10, 2010
- 5. Access Control Danny M. Groenewegen, Eelco Visser. Declarative Access Control for WebDSL: Combining Language Integration and Separation of Concerns. ICWE 2008: 175-188 Wednesday, March 10, 2010
- 6. Case 2: Access Control Policy for Conference Papers ★ has authors Authors ★ submit papers, read reviews Reviewers ★ write review for paper & discuss papers ★ are anonymous (for authors) Conflicts ★ author cannot be reviewer ★ reviewer not related to authors Wednesday, March 10, 2010
- 7. Access Control Mechanisms Wednesday, March 10, 2010
- 8. WebDSL Access Control Constraints over data model - boolean expression over properties of objects Rules restrict access to resources - page, template, action Infer restriction of navigation - don’t show link to inaccessible page or forbidden action Wednesday, March 10, 2010
- 9. Principal representation of principal turn on access control Wednesday, March 10, 2010
- 10. Access Control Rules ‘may access page f with argument x if boolean expression e is true’ Wednesday, March 10, 2010
- 11. Wiki Access Control Rules ‘anyone can view existing pages, only logged in users can create pages’ ‘only logged in users may edit pages’ Wednesday, March 10, 2010
- 12. Wiki Access Control Rules Wednesday, March 10, 2010
- 13. Wiki Access Control Rules Wednesday, March 10, 2010
- 14. Wiki Access Control Rules Wednesday, March 10, 2010
- 15. Wiki Access Control Rules Wednesday, March 10, 2010
- 16. Access Control Policies Wednesday, March 10, 2010
- 17. Access Control Policies Standard Policies - Mandatory access control - Discretionary access control - Role-based access control Mixing policies - Role-based + discretionary access control WebDSL - No restrictions on access control policies Wednesday, March 10, 2010
- 18. Encoding Access Control Policies Rules - Who may access which resources? - Who can apply which actions? Representation - How are permissions stored? Administration - How can permissions be changed? - Who can change permissions? Wednesday, March 10, 2010
- 19. Wiki: Data Model Wednesday, March 10, 2010
- 20. Wiki: User Interface Templates (abbreviated to navigation structure) Wednesday, March 10, 2010
- 21. Wiki: Generic Access Control Rules Wednesday, March 10, 2010
- 22. Mandatory Access Control Security Labels ★ Classification label protects object • Top Secret, Secret, Confidential, Unclassified ★ Clearance indicates access of subject Confidentiality rules ★ Read-down: clearance should be higher than or equal to classification document to read ★ Write-up: clearance is lower than or equal to classification of document to write Wednesday, March 10, 2010
- 23. MAC: representation Wednesday, March 10, 2010
- 24. MAC: predicates Wednesday, March 10, 2010
- 25. Discretionary Access Control Access control lists - objects have owner - owner grants, revokes users access to object Example: Unix file permissions - read, write, execute permissions for - owner, group, anyone Wednesday, March 10, 2010
- 26. DAC: representation Wednesday, March 10, 2010
- 27. DAC: predicates Wednesday, March 10, 2010
- 28. DAC: administration Wednesday, March 10, 2010
- 29. Role-Based Access Control Role: group of activities - authorization assigned to roles - users assigned to roles - robust to organizational changes Hierarchical roles - least privilege: use minimal permissions for task Separation of duties - critical actions require coordination Wednesday, March 10, 2010
- 30. RBAC: representation Wednesday, March 10, 2010
- 31. RBAC: predicates Wednesday, March 10, 2010
- 32. RBAC: administration Wednesday, March 10, 2010
- 33. Mixing Access Control Policies Real policies - Mix of DAC & RBAC - AC rules are constraints over object graph WebDSL - No policies built-in Wednesday, March 10, 2010
- 34. Case 2: Access Control Policy for Conference Papers ★ has authors Authors ★ submit papers, read reviews Reviewers ★ write review for paper & discuss papers ★ are anonymous (for authors) Conflicts ★ author cannot be reviewer ★ reviewer not related to authors Wednesday, March 10, 2010
- 35. Data Validation Danny M. Groenewegen, Eelco Visser. Integration of Data Validation and User Interface Concerns in a DSL for Web Applications. SLE 2010 Wednesday, March 10, 2010
- 36. Data Validation Check input & maintain data integrity Types of validation - Value well-formedness - Data invariants - Input assertions - Action assertions User interface integration - Display errors Wednesday, March 10, 2010
- 37. Validation Rules data validation form validation action assertions messages Wednesday, March 10, 2010
- 38. Value Well-Formedness Wednesday, March 10, 2010
- 39. Customizing Value Well-Formedness Rules Wednesday, March 10, 2010
- 40. Data Invariants Wednesday, March 10, 2010
- 41. Data Invariants Wednesday, March 10, 2010
- 42. Data Invariants Wednesday, March 10, 2010
- 43. Data Invariants Wednesday, March 10, 2010
- 44. Input Assertions Wednesday, March 10, 2010
- 45. Action Assertions Wednesday, March 10, 2010
- 46. Customizing Error Messages Wednesday, March 10, 2010
- 47. Workflow Zef Hemel, Ruben Verhaaf, Eelco Visser. WebWorkFlow: An Object-Oriented Workflow Modeling Language for Web Applications. MoDELS 2008: 113-127 Note: WebWorkFlow is not supported by current version of WebDSL Wednesday, March 10, 2010
- 48. Workflow Coordinating activities by participants WebWorkFlow - object-oriented workflow definition - integrate all aspects of workflow ★ data ★ user interface ★ access control ★ control-flow - abstractions on top of base WebDSL Wednesday, March 10, 2010
- 49. WebWorkFlow by Example: Progress Meeting Wednesday, March 10, 2010
- 50. Wednesday, March 10, 2010
- 51. workflow procedure workflow object procedure call process definition Wednesday, March 10, 2010
- 52. parallel enable next step iterate Wednesday, March 10, 2010
- 53. access control access control Wednesday, March 10, 2010
- 54. Wednesday, March 10, 2010
- 55. Wednesday, March 10, 2010
- 56. action Wednesday, March 10, 2010
- 57. no user interface Wednesday, March 10, 2010
- 58. condition Wednesday, March 10, 2010
- 59. Workflow Remarks Recursive workflows (see paper) Issue: user interface patterns for workflow Is workflow an anti-pattern? - is workflow good interaction design? - determine order of user actions - what are alternatives? Wednesday, March 10, 2010
- 60. Search Wednesday, March 10, 2010
- 61. search annotations search queries Wednesday, March 10, 2010
- 62. AJAX Michel Weststrate. Abstractions for Asynchronous User Interfaces in Web Applications.Master's thesis, Delft University of Technology, 2009. Wednesday, March 10, 2010
- 63. AJAX Deliver page fragments, not just full pages - Replace page elements by new fragments - Templates are unit of replacement Wednesday, March 10, 2010
- 64. placeholder default view Wednesday, March 10, 2010
- 65. replace Wednesday, March 10, 2010
- 66. Summary Access control policies ★ constraints over objects ★ encoding of standard policies (DAC, RBAC) Data validation ★ form validation & data integrity Workflow ★ coordinating activities of multiple participants Search based on data model annotations AJAX: accessing page fragments (templates) Wednesday, March 10, 2010
- 67. Schedule Lab this week ★ WebDSL application Cases ★ Case 2: web abstractions ★ Read: Declarative Access Control for WebDSL ★ Read: Integration of Data Validation and User Interface Concerns ★ Read: WebWorkFlow Next ★ Lecture 5: WebDSL implementation strategies ★ Lecture 6 & 7: modeling languages Wednesday, March 10, 2010