Object Oriented Secure Modeling using SELinux Trusted Operating System
Ben Bentley
Catawba Valley Community College
?
Abstract
This research paper by Pathak, N., & Sharma, N. (2018) published in International Journal of Advanced Networking and Applications, 9(4), 3492-3497 proposes to use a forward-thinking concept to boost performance and yet to heighten the security of web-based applications. By using their concept, it would allow system administrators to manipulate the security checks in the distributed trusted operating systems (DTOS). An example would be to allow the administrator to disarm certain security checks without compromising security of the system. With video on demand, different systems operate differently to allow user to search for and play videos. This is a subjective subject as to what operation can be overridden and which cannot be for system security to be effective. “Their suggested use of UML 2.0 (Unified Modeling Language) based research work proposes object-oriented class based software development, source code generation in C++ and the integration of security engineering into a model-driven software development.” Doing a rhetorical analysis on this subject the authors use of logic is looking at a new area of conception and how to enhance the security of today’s computer networking by thinking outside of the proverbial box.
Keywords: Forward-thinking, security, system administrators
Introduction
This analysis looks at a vast rapidly accelerating field of networking, and data sharing worldwide. The use of security measures has become a crucial part of the internet. Both the common user and research and development have concerns about security of the information on the internet. The emotion factor is played on by the writers of this study to evoke a sense of urgency to get this into a viable program that would protect users from invasion of privacy to international secrets. They tell us our greatest threats come in the form of trojan horses and viruses, and we all have been warned about and told that if these invade a system, they can access and modify all data present on the system infected. By using experience and knowledge, therefore we use authentication and encryption technologies. Again, we see the writers using basic language to enforce our fear of these things that we know will compromise our security.
To reinforce the need, we are told that through the rapid advancements of technologies, it is ever so demanding to keep up with the need to adapt to new and better security measures. The use of firewalls and application layer controls have helped, but the draw backs leave us vulner-able because of internal security issues. These are the issues most end users know of yet lack technical skills to correct and must place their faith in others blindly.
The paper talks of putting security measures in the kernel as being more effective instead of outside it. Although trusted operating systems are a better choice, the heightened security comes as a draw back. It clogs the system for one check then another. No one wants to have a slow computer; it takes us back to using DSL. It was so slow and unreliable. Ultimately, a slow system. Here the use of technical terminology validates what they are stating; that their study is a better fix for the future of security of the internet.
Anyone that has worked with or on an open source system trusts the system to be reliable. Here they reinforce the security issues faced by end users. Every user expects security from large companies to individual consumers. As companies try to fix hard security issues, operating systems that execute the use of Argus-Systems Group, HP, and Sun Microsystems show promise for the future. Open source operating systems are well secured kernel having excellent security features and known as secure systems, operating systems, such as what we use in Microsoft Word. These are trusted names in the computer world.
The downplaying of the application release from National Security Agency as being a nightmare for the system administrator could be resolved using their research and development. SELinux was released by National Security Agency as a more secured systems operating system. These secure systems are more challenging to a system administrator. It requires more effort and more time to input desired security policies. This from the National Security Agency.
Using plain computer terminology to persuade one to use the SELinux operating system to address web-based security concerns, the authors try to elicit the comfort level of their audience being the developers of software. Their use of UML 2.0 based conceptual modeling for the development of secure application. The quality of software design is necessary for success of software. The software should be SPF based for analysis and development when using the SELinux operating system.
In the basic principles of a secure operating system, the term trusted operating system differs between developmental companies. System programs are developed according to requirements of the end users. Features of the trusted operating system many may have heard of are a Mandatory Access Control or MAC address, Discretionary Access Control (DAC), and auditing. The use of public knowledge is instrumental in instilling again the severity of the need for heightened security of the web. A majority of data is public on any web server. Web servers deal with sole public data and public information. The task of security is to allow or not to allow access to the data or information since the data is readable by every user on the internet. The integrity of the server is the main issue over confidentiality. To disable certain operations would increase operating system performance over the basic security principles of the operating system.
The paper suggests adding two extra subsystems in the structural design of the kernel instead of adding additional layers for security. In the design, the security server is not a com-ponent of the kernel. Distributive trusted operating system and Flask (Flux Advanced security policies.) are built and applied upon kernels. A Security Kernel is an operating system security architecture that provides flexible support for security policies. With this said, security policies can be edited as need requires when using the additional subsystem application.
Emotions are being played here, the play is at the professionals of the field, and it is informing the ease of use. The use of facts means that object-oriented developments are based on real world abstractions. Through practices and approach, it is relatively smooth from processing to design through implementation. It is presently the most accepted software development style. Developers can identify metrics like data members, number of data members in a super class, and numerous other variants. These metrics can be identified through Hallstead software science measures and data structures. With the use of these, planning will become easier to developers
SElinux is a better choice for secure web applications. Through SPF modeling of SELinux, security concerns can be implemented. Used in an open source allows for modification per your requirements for confidentiality and privacy. We are being told that this is hard to do for the everyday casual user. Source codes in a specific language are hard to acquire and are not available for normal users.
Conclusion
This implies that object-oriented secure modeling allows system administrators to disable or skip unnecessary security checks in DTOS to enhance performance without dropping security protocols. A showing of the UML 2.0 effectiveness based on object oriented secure modeling and SPF based web applications with integration of security engineering in to model driven software. The paper appeared to present a good case to possibly alter a more secure web based security system through a forward-thinking theory. Even though it appears to be geared to the developers and system administrators it seems to apply to the basic user such as an office manager as well.
References
Pathak, N., ; Sharma, N. (2018). Object oriented secure modeling using SELinux trusted operating system. International Journal of Advanced Networking and Applications, 9(4), 3492-3497. Retrieved from http://nclive.org/cgi-bin/nclsm?url=http://search.proquest.com/docview/2041126474?accounti