Sunday, April 5, 2009

My views of having an Object Oriented approach to Security

The need for a new approach arises because the existing approaches are unable to stem the security issues increasing day-by-day. The root cause of any security problem, be it a virus attack or hacking, is simply bad software, which in turn comes from incorrect application of Software Engineering principles.

My proposal will not address all security threats,but will definitely set stage for building a robust Security Architecture and System.

Building blocks of this approach
1) Any problem domain can be characterized as a set of objects that have specific attributes and behaviors.
2) Objects are inherently oriented towards security through scope specifiers for its attributes.

This makes it easy to view systems and users decoupled in a scenario background, taking advantage of the best features of Object Oriented systems, even for a system that was not specifically designed to be Object Oriented.

The Value Addition of OO apporach:-
The existing approaches are more of 'find-and-patch' or 'make-fix' nature. However, the object-oriented approach insists incorporating security mesaures into the system time and again at every stage right from the Concept initiation stage to Post-Implementation maintenance stage.
The second advantage of the OO Approach is based on the main principles of the Object Oriented Architecture - Reusability. Any project built using this apporach can be re-used elsewhere without any hassle.

©®Chitra Lele