Um Sistema de Padrões para Software Criptográfico Orientado a Objetos
Resumo
Neste trabalho, um sistema de padrões [BMR+96] para software criptográfico orientado a objetos é proposto. Neste sistema, os aspectos da arquitetura de software criptográfico são abordados como microarquiteturas [GHJV93] interrelacionadas. Quatro padrões são classificados de acordo com os objetivos fundamentais da criptografia [Mv0V96](ver Apêndice A). Os padrões são: Sigilo da Informação, Integridade da Mensagem, Autenticação da Mensagem e Autenticação do Remetente. Outros quatro padrões são obtidos a partir de combinações dos anteriores: Sigilo com Autenticação, Sigilo com Integridade, Sigilo com Assinatura e Assinatura com Apêndice. Os oito padrões criptográficos possuem estrutura e dinâmica comuns e, por isso, podem ser representados por um padrão mais genérico, chamado Metapadrão Criptográfico. Os oito padrões e o Mctapadrão Criptográfico podem ser dispostos como vértices de um grafo direcionado acíclico no qual um percurso documenta uma sequência de decisões de projeto.
Palavras-chave:
criptografia, sistema de padrões, padrões de projeto, arquitetura de software, orientação a objetos
Referências
Alexandre M. Braga, Delano M. Beder, Ricardo Dahab, and Cecilia M. F. Rubira. Segurança em Sistemas de Micropagamentos Eletrônicos. In Mário M. Leboute, editor, WTI'98 - I Workshop de Tolerância a Falhas, pages 85-90, Universidade Federal do Rio Grande do Sul - Instituto de Informatica, Porto Alegre, RS, Brasil, May 1998.
Alexandre M. Braga, Ricardo Dahab, and Cecilia M. F. Rubira. PayPerClick: Um Framework para Venda e Distribuição On-line de Publicações Baseado em Micropagamentos. In SBRC'98 - 160 Simpósio Brasileiro de Redes de Computadores, page 767, Rio de Janeiro, RJ, Brasil, May 1998. Resumo Estendido.
Davide Brugali, Giuseppe Menga, and Amund Aarten. The Framework Life Span. Communications of the ACM, 40(10):65-68, October 1997.
Frank Buschmann, Regine Meunier, Hans Rohnert, Peter Sommerlad, and Michael Stal. Pattern-Oriented Software Architecture: A System of Patterns. John Wiley and Sons Ltd., Chichester, UK, 1996.
Common Security Services Manager Application Programming Interface, draft 2.0. http://www.opengroup.org/public/tech/security/pki/index.htm, June 1997.
M. Degeforde. Java Crypto Architecture API Specification and Reference. http://java.sun.com/products/JDK1.1/docs/guide/security/CryptoSpec.html, February 1997.
Eric Gamma, Richard Helm, Ralph Johnson, and John Vlissides. Design Patterns: Abstraction and Reuse of Object-Oriented Design. In Oscar M. Nierstrasz, editor, ECOOP'93 - European Conference on Object-Oriented Programming, volume 707 of LNCS, pages 407-431, Kaiserslautern, Germany, July 1993. Springer-Verlag.
Erich Gamma, Richard Helm, Ralph Johnson, and John Vlissides. Design Patterns: Elements of Reusable Object-Oriented Software. Addison Wesley Publishing Company, April 1994.
David Garlan and Dewayne E. Perry. Introduction to the Special Issue on Software Architecture. IEEE Transactions on Software Engineering, 21(4):269-274, April 1995.
Ralph E. Johnson. Documenting Frameworks using Patterns. In Andreas Paepcke, editor, OOPSLA 92 - Conference on Object-Oriented Programming Systems, Languages, and Applications, volume 27 of ACM SIGPLAN Notices, pages 10-20, Vancouver, Britsh Columbia, Canada, October 1992.
B. Kaliski. Cryptoki: A Cryptographic Token Interface, version 1.0. http://www.rsa.com/rsalabs/pubs/PKCS/html/pkes-11.html, April 1995.
Norman L. Kerth and Ward Cunningham. Using Patterns to Improve our Architectural Vision. IEEE Software, pages 53-59, January 1997.
Doug Lea. Christopher Alexander: An Introduction for Object-Oriented Designers. ACM SIGSOFT, Software Engineering Notes, 19(1):39-46, January 1994.
Alfred J. Menezes, Paul C. van Orschot, and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1996. (Press) Wolfgang Pree. Design Patterns for Object-Oriented Software Development. Addison-Wesley, 1995.
Bruce Schneier. Applied Cryptography - Protocols, Algorithms, and Source Code in C. John Wiley and Sons, 2nd edition, 1996.
Douglas C. Schmidt, Mohamed Fayad, and Ralph E. Johnson. Software Patterns. Communications of the ACM, 39(10):36-39, October 1996.
Joseph Yoder and Jeffrey Barcalow. Application Security. PLoP'97 Conference, Washington University Technical Report 97-34, 1997.
Alexandre M. Braga, Ricardo Dahab, and Cecilia M. F. Rubira. PayPerClick: Um Framework para Venda e Distribuição On-line de Publicações Baseado em Micropagamentos. In SBRC'98 - 160 Simpósio Brasileiro de Redes de Computadores, page 767, Rio de Janeiro, RJ, Brasil, May 1998. Resumo Estendido.
Davide Brugali, Giuseppe Menga, and Amund Aarten. The Framework Life Span. Communications of the ACM, 40(10):65-68, October 1997.
Frank Buschmann, Regine Meunier, Hans Rohnert, Peter Sommerlad, and Michael Stal. Pattern-Oriented Software Architecture: A System of Patterns. John Wiley and Sons Ltd., Chichester, UK, 1996.
Common Security Services Manager Application Programming Interface, draft 2.0. http://www.opengroup.org/public/tech/security/pki/index.htm, June 1997.
M. Degeforde. Java Crypto Architecture API Specification and Reference. http://java.sun.com/products/JDK1.1/docs/guide/security/CryptoSpec.html, February 1997.
Eric Gamma, Richard Helm, Ralph Johnson, and John Vlissides. Design Patterns: Abstraction and Reuse of Object-Oriented Design. In Oscar M. Nierstrasz, editor, ECOOP'93 - European Conference on Object-Oriented Programming, volume 707 of LNCS, pages 407-431, Kaiserslautern, Germany, July 1993. Springer-Verlag.
Erich Gamma, Richard Helm, Ralph Johnson, and John Vlissides. Design Patterns: Elements of Reusable Object-Oriented Software. Addison Wesley Publishing Company, April 1994.
David Garlan and Dewayne E. Perry. Introduction to the Special Issue on Software Architecture. IEEE Transactions on Software Engineering, 21(4):269-274, April 1995.
Ralph E. Johnson. Documenting Frameworks using Patterns. In Andreas Paepcke, editor, OOPSLA 92 - Conference on Object-Oriented Programming Systems, Languages, and Applications, volume 27 of ACM SIGPLAN Notices, pages 10-20, Vancouver, Britsh Columbia, Canada, October 1992.
B. Kaliski. Cryptoki: A Cryptographic Token Interface, version 1.0. http://www.rsa.com/rsalabs/pubs/PKCS/html/pkes-11.html, April 1995.
Norman L. Kerth and Ward Cunningham. Using Patterns to Improve our Architectural Vision. IEEE Software, pages 53-59, January 1997.
Doug Lea. Christopher Alexander: An Introduction for Object-Oriented Designers. ACM SIGSOFT, Software Engineering Notes, 19(1):39-46, January 1994.
Alfred J. Menezes, Paul C. van Orschot, and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1996. (Press) Wolfgang Pree. Design Patterns for Object-Oriented Software Development. Addison-Wesley, 1995.
Bruce Schneier. Applied Cryptography - Protocols, Algorithms, and Source Code in C. John Wiley and Sons, 2nd edition, 1996.
Douglas C. Schmidt, Mohamed Fayad, and Ralph E. Johnson. Software Patterns. Communications of the ACM, 39(10):36-39, October 1996.
Joseph Yoder and Jeffrey Barcalow. Application Security. PLoP'97 Conference, Washington University Technical Report 97-34, 1997.
Publicado
13/10/1998
Como Citar
BRAGA, Alexandre M.; RUBIRA, Cecília M. F.; DAHAB, Ricardo.
Um Sistema de Padrões para Software Criptográfico Orientado a Objetos. In: SIMPÓSIO BRASILEIRO DE ENGENHARIA DE SOFTWARE (SBES), 12. , 1998, Maringá/PR.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
1998
.
p. 171-186.
DOI: https://doi.org/10.5753/sbes.1998.24026.
