Um Sistema de Padrões para Software Criptográfico Orientado a Objetos
Abstract
In this work, a system of patterns [BMR+ 96] for object-oriented cryptographic software is proposed. In this system, architectural aspects of cryptographic software are treated as interrelated microarchitectures [GHJV93]. A classification based on fundamental objectives of cryptography [MvOV96](see Appendix A) is used to organize a set of patterns; they are: Information Secrecy, Message Integrity, Message Authentication, and Sender Authentication. By combination of these patterns, another set of four patterns is obtained: Secrecy with Authentication, Secrecy with Signature, Secrecy with Integrity, and Signature with Appendix. These eight cryptographic patterns have the same structural and dynamic properties and can be modeled by a generic object-oriented Cryptographic Metapattern. A directed acyclic graph can be constructed using the eight cryptographic patterns and the generic Cryptographic Metapattern. A walk on that graph documents a sequence of design decisions.
Keywords:
cryptography, system of patterns, design patterns, software architecture, object orientation
References
Alexandre M. Braga, Delano M. Beder, Ricardo Dahab, and Cecilia M. F. Rubira. Segurança em Sistemas de Micropagamentos Eletrônicos. In Mário M. Leboute, editor, WTI'98 - I Workshop de Tolerância a Falhas, pages 85-90, Universidade Federal do Rio Grande do Sul - Instituto de Informatica, Porto Alegre, RS, Brasil, May 1998.
Alexandre M. Braga, Ricardo Dahab, and Cecilia M. F. Rubira. PayPerClick: Um Framework para Venda e Distribuição On-line de Publicações Baseado em Micropagamentos. In SBRC'98 - 160 Simpósio Brasileiro de Redes de Computadores, page 767, Rio de Janeiro, RJ, Brasil, May 1998. Resumo Estendido.
Davide Brugali, Giuseppe Menga, and Amund Aarten. The Framework Life Span. Communications of the ACM, 40(10):65-68, October 1997.
Frank Buschmann, Regine Meunier, Hans Rohnert, Peter Sommerlad, and Michael Stal. Pattern-Oriented Software Architecture: A System of Patterns. John Wiley and Sons Ltd., Chichester, UK, 1996.
Common Security Services Manager Application Programming Interface, draft 2.0. http://www.opengroup.org/public/tech/security/pki/index.htm, June 1997.
M. Degeforde. Java Crypto Architecture API Specification and Reference. http://java.sun.com/products/JDK1.1/docs/guide/security/CryptoSpec.html, February 1997.
Eric Gamma, Richard Helm, Ralph Johnson, and John Vlissides. Design Patterns: Abstraction and Reuse of Object-Oriented Design. In Oscar M. Nierstrasz, editor, ECOOP'93 - European Conference on Object-Oriented Programming, volume 707 of LNCS, pages 407-431, Kaiserslautern, Germany, July 1993. Springer-Verlag.
Erich Gamma, Richard Helm, Ralph Johnson, and John Vlissides. Design Patterns: Elements of Reusable Object-Oriented Software. Addison Wesley Publishing Company, April 1994.
David Garlan and Dewayne E. Perry. Introduction to the Special Issue on Software Architecture. IEEE Transactions on Software Engineering, 21(4):269-274, April 1995.
Ralph E. Johnson. Documenting Frameworks using Patterns. In Andreas Paepcke, editor, OOPSLA 92 - Conference on Object-Oriented Programming Systems, Languages, and Applications, volume 27 of ACM SIGPLAN Notices, pages 10-20, Vancouver, Britsh Columbia, Canada, October 1992.
B. Kaliski. Cryptoki: A Cryptographic Token Interface, version 1.0. http://www.rsa.com/rsalabs/pubs/PKCS/html/pkes-11.html, April 1995.
Norman L. Kerth and Ward Cunningham. Using Patterns to Improve our Architectural Vision. IEEE Software, pages 53-59, January 1997.
Doug Lea. Christopher Alexander: An Introduction for Object-Oriented Designers. ACM SIGSOFT, Software Engineering Notes, 19(1):39-46, January 1994.
Alfred J. Menezes, Paul C. van Orschot, and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1996. (Press) Wolfgang Pree. Design Patterns for Object-Oriented Software Development. Addison-Wesley, 1995.
Bruce Schneier. Applied Cryptography - Protocols, Algorithms, and Source Code in C. John Wiley and Sons, 2nd edition, 1996.
Douglas C. Schmidt, Mohamed Fayad, and Ralph E. Johnson. Software Patterns. Communications of the ACM, 39(10):36-39, October 1996.
Joseph Yoder and Jeffrey Barcalow. Application Security. PLoP'97 Conference, Washington University Technical Report 97-34, 1997.
Alexandre M. Braga, Ricardo Dahab, and Cecilia M. F. Rubira. PayPerClick: Um Framework para Venda e Distribuição On-line de Publicações Baseado em Micropagamentos. In SBRC'98 - 160 Simpósio Brasileiro de Redes de Computadores, page 767, Rio de Janeiro, RJ, Brasil, May 1998. Resumo Estendido.
Davide Brugali, Giuseppe Menga, and Amund Aarten. The Framework Life Span. Communications of the ACM, 40(10):65-68, October 1997.
Frank Buschmann, Regine Meunier, Hans Rohnert, Peter Sommerlad, and Michael Stal. Pattern-Oriented Software Architecture: A System of Patterns. John Wiley and Sons Ltd., Chichester, UK, 1996.
Common Security Services Manager Application Programming Interface, draft 2.0. http://www.opengroup.org/public/tech/security/pki/index.htm, June 1997.
M. Degeforde. Java Crypto Architecture API Specification and Reference. http://java.sun.com/products/JDK1.1/docs/guide/security/CryptoSpec.html, February 1997.
Eric Gamma, Richard Helm, Ralph Johnson, and John Vlissides. Design Patterns: Abstraction and Reuse of Object-Oriented Design. In Oscar M. Nierstrasz, editor, ECOOP'93 - European Conference on Object-Oriented Programming, volume 707 of LNCS, pages 407-431, Kaiserslautern, Germany, July 1993. Springer-Verlag.
Erich Gamma, Richard Helm, Ralph Johnson, and John Vlissides. Design Patterns: Elements of Reusable Object-Oriented Software. Addison Wesley Publishing Company, April 1994.
David Garlan and Dewayne E. Perry. Introduction to the Special Issue on Software Architecture. IEEE Transactions on Software Engineering, 21(4):269-274, April 1995.
Ralph E. Johnson. Documenting Frameworks using Patterns. In Andreas Paepcke, editor, OOPSLA 92 - Conference on Object-Oriented Programming Systems, Languages, and Applications, volume 27 of ACM SIGPLAN Notices, pages 10-20, Vancouver, Britsh Columbia, Canada, October 1992.
B. Kaliski. Cryptoki: A Cryptographic Token Interface, version 1.0. http://www.rsa.com/rsalabs/pubs/PKCS/html/pkes-11.html, April 1995.
Norman L. Kerth and Ward Cunningham. Using Patterns to Improve our Architectural Vision. IEEE Software, pages 53-59, January 1997.
Doug Lea. Christopher Alexander: An Introduction for Object-Oriented Designers. ACM SIGSOFT, Software Engineering Notes, 19(1):39-46, January 1994.
Alfred J. Menezes, Paul C. van Orschot, and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1996. (Press) Wolfgang Pree. Design Patterns for Object-Oriented Software Development. Addison-Wesley, 1995.
Bruce Schneier. Applied Cryptography - Protocols, Algorithms, and Source Code in C. John Wiley and Sons, 2nd edition, 1996.
Douglas C. Schmidt, Mohamed Fayad, and Ralph E. Johnson. Software Patterns. Communications of the ACM, 39(10):36-39, October 1996.
Joseph Yoder and Jeffrey Barcalow. Application Security. PLoP'97 Conference, Washington University Technical Report 97-34, 1997.
Published
1998-10-13
How to Cite
BRAGA, Alexandre M.; RUBIRA, Cecília M. F.; DAHAB, Ricardo.
Um Sistema de Padrões para Software Criptográfico Orientado a Objetos. In: BRAZILIAN SYMPOSIUM ON SOFTWARE ENGINEERING (SBES), 12. , 1998, Maringá/PR.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
1998
.
p. 171-186.
ISSN 2833-0633.
DOI: https://doi.org/10.5753/sbes.1998.24026.
