SlideShare ist ein Scribd-Unternehmen logo

Model-Driven Software Development - Web Abstractions 2

Eelco Visser
Eelco Visser

Fourth lecture in course "Model-Driven Software Development" at Delft University of Technology

BildungBusinessTechnologie
1 von 67
Downloaden Sie, um offline zu lesen
Web Abstractions 1I access control policies, data validation, workflow, ajax, search Lecture 4 Course IN4308 Eelco Visser Master Computer Science http://eelcovisser.org Delft University of Technology Wednesday, March 10, 2010
Modeling Modeling IDEs Software Systems Modeling Transforming Web Programs Software Models Implementing Software Language Web Models Engineering Strategies Modeling Make your own Software Languages Software Languages Wednesday, March 10, 2010
Web Abstractions from a declarative point of view (we’ll investigate underlying mechanisms later) Wednesday, March 10, 2010
More Web Abstractions - Access control policies ★ constraints over objects ★ role-based AC, discretionary AC - Data validation ★ form validation ★ data integrity - Workflow - Search - AJAX: accessing page fragments (templates) Wednesday, March 10, 2010
Access Control Danny M. Groenewegen, Eelco Visser. Declarative Access Control for WebDSL: Combining Language Integration and Separation of Concerns. ICWE 2008: 175-188 Wednesday, March 10, 2010
Case 2: Access Control Policy for Conference Papers ★ has authors Authors ★ submit papers, read reviews Reviewers ★ write review for paper & discuss papers ★ are anonymous (for authors) Conflicts ★ author cannot be reviewer ★ reviewer not related to authors Wednesday, March 10, 2010
Access Control Mechanisms Wednesday, March 10, 2010
WebDSL Access Control Constraints over data model - boolean expression over properties of objects Rules restrict access to resources - page, template, action Infer restriction of navigation - don’t show link to inaccessible page or forbidden action Wednesday, March 10, 2010
Principal representation of principal turn on access control Wednesday, March 10, 2010
Access Control Rules ‘may access page f with argument x if boolean expression e is true’ Wednesday, March 10, 2010
Wiki Access Control Rules ‘anyone can view existing pages, only logged in users can create pages’ ‘only logged in users may edit pages’ Wednesday, March 10, 2010
Wiki Access Control Rules Wednesday, March 10, 2010
Wiki Access Control Rules Wednesday, March 10, 2010
Wiki Access Control Rules Wednesday, March 10, 2010
Wiki Access Control Rules Wednesday, March 10, 2010
Access Control Policies Wednesday, March 10, 2010
Access Control Policies Standard Policies - Mandatory access control - Discretionary access control - Role-based access control Mixing policies - Role-based + discretionary access control WebDSL - No restrictions on access control policies Wednesday, March 10, 2010
Encoding Access Control Policies Rules - Who may access which resources? - Who can apply which actions? Representation - How are permissions stored? Administration - How can permissions be changed? - Who can change permissions? Wednesday, March 10, 2010
Wiki: Data Model Wednesday, March 10, 2010
Wiki: User Interface Templates (abbreviated to navigation structure) Wednesday, March 10, 2010
Wiki: Generic Access Control Rules Wednesday, March 10, 2010
Mandatory Access Control Security Labels ★ Classification label protects object • Top Secret, Secret, Confidential, Unclassified ★ Clearance indicates access of subject Confidentiality rules ★ Read-down: clearance should be higher than or equal to classification document to read ★ Write-up: clearance is lower than or equal to classification of document to write Wednesday, March 10, 2010
MAC: representation Wednesday, March 10, 2010
MAC: predicates Wednesday, March 10, 2010
Discretionary Access Control Access control lists - objects have owner - owner grants, revokes users access to object Example: Unix file permissions - read, write, execute permissions for - owner, group, anyone Wednesday, March 10, 2010
DAC: representation Wednesday, March 10, 2010
DAC: predicates Wednesday, March 10, 2010
DAC: administration Wednesday, March 10, 2010
Role-Based Access Control Role: group of activities - authorization assigned to roles - users assigned to roles - robust to organizational changes Hierarchical roles - least privilege: use minimal permissions for task Separation of duties - critical actions require coordination Wednesday, March 10, 2010
RBAC: representation Wednesday, March 10, 2010
RBAC: predicates Wednesday, March 10, 2010
RBAC: administration Wednesday, March 10, 2010
Mixing Access Control Policies Real policies - Mix of DAC & RBAC - AC rules are constraints over object graph WebDSL - No policies built-in Wednesday, March 10, 2010
Case 2: Access Control Policy for Conference Papers ★ has authors Authors ★ submit papers, read reviews Reviewers ★ write review for paper & discuss papers ★ are anonymous (for authors) Conflicts ★ author cannot be reviewer ★ reviewer not related to authors Wednesday, March 10, 2010
Data Validation Danny M. Groenewegen, Eelco Visser. Integration of Data Validation and User Interface Concerns in a DSL for Web Applications. SLE 2010 Wednesday, March 10, 2010
Data Validation Check input & maintain data integrity Types of validation - Value well-formedness - Data invariants - Input assertions - Action assertions User interface integration - Display errors Wednesday, March 10, 2010
Validation Rules data validation form validation action assertions messages Wednesday, March 10, 2010
Value Well-Formedness Wednesday, March 10, 2010
Customizing Value Well-Formedness Rules Wednesday, March 10, 2010
Data Invariants Wednesday, March 10, 2010
Data Invariants Wednesday, March 10, 2010
Data Invariants Wednesday, March 10, 2010
Data Invariants Wednesday, March 10, 2010
Input Assertions Wednesday, March 10, 2010
Action Assertions Wednesday, March 10, 2010
Customizing Error Messages Wednesday, March 10, 2010
Workflow Zef Hemel, Ruben Verhaaf, Eelco Visser. WebWorkFlow: An Object-Oriented Workflow Modeling Language for Web Applications. MoDELS 2008: 113-127 Note: WebWorkFlow is not supported by current version of WebDSL Wednesday, March 10, 2010
Workflow Coordinating activities by participants WebWorkFlow - object-oriented workflow definition - integrate all aspects of workflow ★ data ★ user interface ★ access control ★ control-flow - abstractions on top of base WebDSL Wednesday, March 10, 2010
WebWorkFlow by Example: Progress Meeting Wednesday, March 10, 2010
Wednesday, March 10, 2010
workflow procedure workflow object procedure call process definition Wednesday, March 10, 2010
parallel enable next step iterate Wednesday, March 10, 2010
access control access control Wednesday, March 10, 2010
Wednesday, March 10, 2010
Wednesday, March 10, 2010
action Wednesday, March 10, 2010
no user interface Wednesday, March 10, 2010
condition Wednesday, March 10, 2010
Workflow Remarks Recursive workflows (see paper) Issue: user interface patterns for workflow Is workflow an anti-pattern? - is workflow good interaction design? - determine order of user actions - what are alternatives? Wednesday, March 10, 2010
Search Wednesday, March 10, 2010
search annotations search queries Wednesday, March 10, 2010
AJAX Michel Weststrate. Abstractions for Asynchronous User Interfaces in Web Applications.Master's thesis, Delft University of Technology, 2009. Wednesday, March 10, 2010
AJAX Deliver page fragments, not just full pages - Replace page elements by new fragments - Templates are unit of replacement Wednesday, March 10, 2010
placeholder default view Wednesday, March 10, 2010
replace Wednesday, March 10, 2010
Summary Access control policies ★ constraints over objects ★ encoding of standard policies (DAC, RBAC) Data validation ★ form validation & data integrity Workflow ★ coordinating activities of multiple participants Search based on data model annotations AJAX: accessing page fragments (templates) Wednesday, March 10, 2010
Schedule Lab this week ★ WebDSL application Cases ★ Case 2: web abstractions ★ Read: Declarative Access Control for WebDSL ★ Read: Integration of Data Validation and User Interface Concerns ★ Read: WebWorkFlow Next ★ Lecture 5: WebDSL implementation strategies ★ Lecture 6 & 7: modeling languages Wednesday, March 10, 2010

Empfohlen

Comm@baruch
Comm@baruchComm@baruch
Comm@baruchLuke Waltzer
 
Functional programming
Functional programmingFunctional programming
Functional programmingMartin Skurla
 
Composing Domain-Specific Languages
Composing Domain-Specific LanguagesComposing Domain-Specific Languages
Composing Domain-Specific LanguagesEelco Visser
 
Investment Banking Book (3rd edition)
Investment Banking Book (3rd edition)Investment Banking Book (3rd edition)
Investment Banking Book (3rd edition)ibtdb-tj
 
Why Is Excel VBA So Important For Banks ?
Why Is Excel VBA So Important For Banks ?Why Is Excel VBA So Important For Banks ?
Why Is Excel VBA So Important For Banks ?Jack Tellington
 
Domain Specific Languages
Domain Specific LanguagesDomain Specific Languages
Domain Specific LanguagesWee Witthawaskul
 
Python for Financial Data Analysis with pandas
Python for Financial Data Analysis with pandasPython for Financial Data Analysis with pandas
Python for Financial Data Analysis with pandasWes McKinney
 
Investment Banking presentation
Investment Banking presentation Investment Banking presentation
Investment Banking presentation Ketan Likhite
 

Empfohlen

Comm@baruch
Comm@baruchComm@baruch
Comm@baruchLuke Waltzer
 
Functional programming
Functional programmingFunctional programming
Functional programmingMartin Skurla
 
Composing Domain-Specific Languages
Composing Domain-Specific LanguagesComposing Domain-Specific Languages
Composing Domain-Specific LanguagesEelco Visser
 
Investment Banking Book (3rd edition)
Investment Banking Book (3rd edition)Investment Banking Book (3rd edition)
Investment Banking Book (3rd edition)ibtdb-tj
 
Why Is Excel VBA So Important For Banks ?
Why Is Excel VBA So Important For Banks ?Why Is Excel VBA So Important For Banks ?
Why Is Excel VBA So Important For Banks ?Jack Tellington
 
Domain Specific Languages
Domain Specific LanguagesDomain Specific Languages
Domain Specific LanguagesWee Witthawaskul
 
Python for Financial Data Analysis with pandas
Python for Financial Data Analysis with pandasPython for Financial Data Analysis with pandas
Python for Financial Data Analysis with pandasWes McKinney
 
Investment Banking presentation
Investment Banking presentation Investment Banking presentation
Investment Banking presentation Ketan Likhite
 
Model-Driven Software Development - Web Abstractions 1
Model-Driven Software Development - Web Abstractions 1Model-Driven Software Development - Web Abstractions 1
Model-Driven Software Development - Web Abstractions 1Eelco Visser
 
Vertically Challenged
Vertically ChallengedVertically Challenged
Vertically ChallengedCommand Prompt., Inc
 
Portfolio 2007-2009
Portfolio 2007-2009Portfolio 2007-2009
Portfolio 2007-2009Jacqueline (Jax) Wechsler
 
Mobile Development with uPortal and Infusion
Mobile Development with uPortal and InfusionMobile Development with uPortal and Infusion
Mobile Development with uPortal and Infusioncolinbdclark
 
Introduction to Web Terminology
Introduction to Web TerminologyIntroduction to Web Terminology
Introduction to Web TerminologyNicole C. Engard
 
Service Integration - A Web of Things Perspective
Service Integration - A Web of Things PerspectiveService Integration - A Web of Things Perspective
Service Integration - A Web of Things PerspectiveSimon Mayer
 
Please Don't Touch the Slow Parts
Please Don't Touch the Slow PartsPlease Don't Touch the Slow Parts
Please Don't Touch the Slow PartsFederico Galassi
 
An On-line Collaborative Data Management System
An On-line Collaborative Data Management SystemAn On-line Collaborative Data Management System
An On-line Collaborative Data Management SystemCameron Kiddle
 
Jung 2010
Jung 2010Jung 2010
Jung 2010Haklae Kim
 
Symfony in the Cloud
Symfony in the CloudSymfony in the Cloud
Symfony in the CloudKris Wallsmith
 
Linked Data and the Semantic Web - Mimas Seminar
Linked Data and the Semantic Web - Mimas SeminarLinked Data and the Semantic Web - Mimas Seminar
Linked Data and the Semantic Web - Mimas SeminarAdrian Stevenson
 
The Revolution Of Cloud Computing
The Revolution Of Cloud ComputingThe Revolution Of Cloud Computing
The Revolution Of Cloud ComputingCarmen Sanborn
 
Persistence Smoothie
Persistence SmoothiePersistence Smoothie
Persistence SmoothieMichael Bleigh
 
Introduction to the Semantic Web
Introduction to the Semantic WebIntroduction to the Semantic Web
Introduction to the Semantic WebMarin Dimitrov
 
Web 3.0: The Upcoming Revolution
Web 3.0: The Upcoming RevolutionWeb 3.0: The Upcoming Revolution
Web 3.0: The Upcoming RevolutionNitin Godawat
 
Data and Information Extraction on the Web
Data and Information Extraction on the WebData and Information Extraction on the Web
Data and Information Extraction on the WebTommaso Teofili
 
Semantic Technologies: Which Way Now? – UKOLN Response
Semantic Technologies: Which Way Now? – UKOLN ResponseSemantic Technologies: Which Way Now? – UKOLN Response
Semantic Technologies: Which Way Now? – UKOLN ResponseAdrian Stevenson
 
eLearning2.0
eLearning2.0eLearning2.0
eLearning2.0Anne Bartlett-Bragg
 
OvertheAir 2010 html5 impact on application programming
OvertheAir 2010 html5 impact on application programmingOvertheAir 2010 html5 impact on application programming
OvertheAir 2010 html5 impact on application programmingTor Björn Minde
 
HTML5 impact on application programming
HTML5 impact on application programmingHTML5 impact on application programming
HTML5 impact on application programmingEricsson Labs
 
CS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term RewritingCS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term RewritingEelco Visser
 
CS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic ServicesCS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic ServicesEelco Visser
 

Weitere ähnliche Inhalte

Ähnlich wie Model-Driven Software Development - Web Abstractions 2

Model-Driven Software Development - Web Abstractions 1
Model-Driven Software Development - Web Abstractions 1Model-Driven Software Development - Web Abstractions 1
Model-Driven Software Development - Web Abstractions 1Eelco Visser
 
Mobile Development with uPortal and Infusion
Mobile Development with uPortal and InfusionMobile Development with uPortal and Infusion
Mobile Development with uPortal and Infusioncolinbdclark
 
Introduction to Web Terminology
Introduction to Web TerminologyIntroduction to Web Terminology
Introduction to Web TerminologyNicole C. Engard
 
Service Integration - A Web of Things Perspective
Service Integration - A Web of Things PerspectiveService Integration - A Web of Things Perspective
Service Integration - A Web of Things PerspectiveSimon Mayer
 
Please Don't Touch the Slow Parts
Please Don't Touch the Slow PartsPlease Don't Touch the Slow Parts
Please Don't Touch the Slow PartsFederico Galassi
 
An On-line Collaborative Data Management System
An On-line Collaborative Data Management SystemAn On-line Collaborative Data Management System
An On-line Collaborative Data Management SystemCameron Kiddle
 
Linked Data and the Semantic Web - Mimas Seminar
Linked Data and the Semantic Web - Mimas SeminarLinked Data and the Semantic Web - Mimas Seminar
Linked Data and the Semantic Web - Mimas SeminarAdrian Stevenson
 
The Revolution Of Cloud Computing
The Revolution Of Cloud ComputingThe Revolution Of Cloud Computing
The Revolution Of Cloud ComputingCarmen Sanborn
 
Introduction to the Semantic Web
Introduction to the Semantic WebIntroduction to the Semantic Web
Introduction to the Semantic WebMarin Dimitrov
 
Web 3.0: The Upcoming Revolution
Web 3.0: The Upcoming RevolutionWeb 3.0: The Upcoming Revolution
Web 3.0: The Upcoming RevolutionNitin Godawat
 
Data and Information Extraction on the Web
Data and Information Extraction on the WebData and Information Extraction on the Web
Data and Information Extraction on the WebTommaso Teofili
 
Semantic Technologies: Which Way Now? – UKOLN Response
Semantic Technologies: Which Way Now? – UKOLN ResponseSemantic Technologies: Which Way Now? – UKOLN Response
Semantic Technologies: Which Way Now? – UKOLN ResponseAdrian Stevenson
 
OvertheAir 2010 html5 impact on application programming
OvertheAir 2010 html5 impact on application programmingOvertheAir 2010 html5 impact on application programming
OvertheAir 2010 html5 impact on application programmingTor Björn Minde
 
HTML5 impact on application programming
HTML5 impact on application programmingHTML5 impact on application programming
HTML5 impact on application programmingEricsson Labs
 

Ähnlich wie Model-Driven Software Development - Web Abstractions 2 (20)

Model-Driven Software Development - Web Abstractions 1
Model-Driven Software Development - Web Abstractions 1Model-Driven Software Development - Web Abstractions 1
Model-Driven Software Development - Web Abstractions 1
 
Vertically Challenged
Vertically ChallengedVertically Challenged
Vertically Challenged
 
Portfolio 2007-2009
Portfolio 2007-2009Portfolio 2007-2009
Portfolio 2007-2009
 
Mobile Development with uPortal and Infusion
Mobile Development with uPortal and InfusionMobile Development with uPortal and Infusion
Mobile Development with uPortal and Infusion
 
Introduction to Web Terminology
Introduction to Web TerminologyIntroduction to Web Terminology
Introduction to Web Terminology
 
Service Integration - A Web of Things Perspective
Service Integration - A Web of Things PerspectiveService Integration - A Web of Things Perspective
Service Integration - A Web of Things Perspective
 
Please Don't Touch the Slow Parts
Please Don't Touch the Slow PartsPlease Don't Touch the Slow Parts
Please Don't Touch the Slow Parts
 
An On-line Collaborative Data Management System
An On-line Collaborative Data Management SystemAn On-line Collaborative Data Management System
An On-line Collaborative Data Management System
 
Jung 2010
Jung 2010Jung 2010
Jung 2010
 
Symfony in the Cloud
Symfony in the CloudSymfony in the Cloud
Symfony in the Cloud
 
Linked Data and the Semantic Web - Mimas Seminar
Linked Data and the Semantic Web - Mimas SeminarLinked Data and the Semantic Web - Mimas Seminar
Linked Data and the Semantic Web - Mimas Seminar
 
The Revolution Of Cloud Computing
The Revolution Of Cloud ComputingThe Revolution Of Cloud Computing
The Revolution Of Cloud Computing
 
Persistence Smoothie
Persistence SmoothiePersistence Smoothie
Persistence Smoothie
 
Introduction to the Semantic Web
Introduction to the Semantic WebIntroduction to the Semantic Web
Introduction to the Semantic Web
 
Web 3.0: The Upcoming Revolution
Web 3.0: The Upcoming RevolutionWeb 3.0: The Upcoming Revolution
Web 3.0: The Upcoming Revolution
 
Data and Information Extraction on the Web
Data and Information Extraction on the WebData and Information Extraction on the Web
Data and Information Extraction on the Web
 
Semantic Technologies: Which Way Now? – UKOLN Response
Semantic Technologies: Which Way Now? – UKOLN ResponseSemantic Technologies: Which Way Now? – UKOLN Response
Semantic Technologies: Which Way Now? – UKOLN Response
 
eLearning2.0
eLearning2.0eLearning2.0
eLearning2.0
 
OvertheAir 2010 html5 impact on application programming
OvertheAir 2010 html5 impact on application programmingOvertheAir 2010 html5 impact on application programming
OvertheAir 2010 html5 impact on application programming
 
HTML5 impact on application programming
HTML5 impact on application programmingHTML5 impact on application programming
HTML5 impact on application programming
 

Mehr von Eelco Visser

CS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term RewritingCS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term RewritingEelco Visser
 
CS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic ServicesCS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic ServicesEelco Visser
 
CS4200 2019 | Lecture 3 | Parsing
CS4200 2019 | Lecture 3 | ParsingCS4200 2019 | Lecture 3 | Parsing
CS4200 2019 | Lecture 3 | ParsingEelco Visser
 
CS4200 2019 | Lecture 2 | syntax-definition
CS4200 2019 | Lecture 2 | syntax-definitionCS4200 2019 | Lecture 2 | syntax-definition
CS4200 2019 | Lecture 2 | syntax-definitionEelco Visser
 
CS4200 2019 Lecture 1: Introduction
CS4200 2019 Lecture 1: IntroductionCS4200 2019 Lecture 1: Introduction
CS4200 2019 Lecture 1: IntroductionEelco Visser
 
A Direct Semantics of Declarative Disambiguation Rules
A Direct Semantics of Declarative Disambiguation RulesA Direct Semantics of Declarative Disambiguation Rules
A Direct Semantics of Declarative Disambiguation RulesEelco Visser
 
Declarative Type System Specification with Statix
Declarative Type System Specification with StatixDeclarative Type System Specification with Statix
Declarative Type System Specification with StatixEelco Visser
 
Compiler Construction | Lecture 17 | Beyond Compiler Construction
Compiler Construction | Lecture 17 | Beyond Compiler ConstructionCompiler Construction | Lecture 17 | Beyond Compiler Construction
Compiler Construction | Lecture 17 | Beyond Compiler ConstructionEelco Visser
 
Domain Specific Languages for Parallel Graph AnalytiX (PGX)
Domain Specific Languages for Parallel Graph AnalytiX (PGX)Domain Specific Languages for Parallel Graph AnalytiX (PGX)
Domain Specific Languages for Parallel Graph AnalytiX (PGX)Eelco Visser
 
Compiler Construction | Lecture 15 | Memory Management
Compiler Construction | Lecture 15 | Memory ManagementCompiler Construction | Lecture 15 | Memory Management
Compiler Construction | Lecture 15 | Memory ManagementEelco Visser
 
Compiler Construction | Lecture 14 | Interpreters
Compiler Construction | Lecture 14 | InterpretersCompiler Construction | Lecture 14 | Interpreters
Compiler Construction | Lecture 14 | InterpretersEelco Visser
 
Compiler Construction | Lecture 13 | Code Generation
Compiler Construction | Lecture 13 | Code GenerationCompiler Construction | Lecture 13 | Code Generation
Compiler Construction | Lecture 13 | Code GenerationEelco Visser
 
Compiler Construction | Lecture 12 | Virtual Machines
Compiler Construction | Lecture 12 | Virtual MachinesCompiler Construction | Lecture 12 | Virtual Machines
Compiler Construction | Lecture 12 | Virtual MachinesEelco Visser
 
Compiler Construction | Lecture 11 | Monotone Frameworks
Compiler Construction | Lecture 11 | Monotone FrameworksCompiler Construction | Lecture 11 | Monotone Frameworks
Compiler Construction | Lecture 11 | Monotone FrameworksEelco Visser
 
Compiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow AnalysisCompiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow AnalysisEelco Visser
 
Compiler Construction | Lecture 9 | Constraint Resolution
Compiler Construction | Lecture 9 | Constraint ResolutionCompiler Construction | Lecture 9 | Constraint Resolution
Compiler Construction | Lecture 9 | Constraint ResolutionEelco Visser
 
Compiler Construction | Lecture 8 | Type Constraints
Compiler Construction | Lecture 8 | Type ConstraintsCompiler Construction | Lecture 8 | Type Constraints
Compiler Construction | Lecture 8 | Type ConstraintsEelco Visser
 
Compiler Construction | Lecture 7 | Type Checking
Compiler Construction | Lecture 7 | Type CheckingCompiler Construction | Lecture 7 | Type Checking
Compiler Construction | Lecture 7 | Type CheckingEelco Visser
 
Compiler Construction | Lecture 6 | Introduction to Static Analysis
Compiler Construction | Lecture 6 | Introduction to Static AnalysisCompiler Construction | Lecture 6 | Introduction to Static Analysis
Compiler Construction | Lecture 6 | Introduction to Static AnalysisEelco Visser
 
Compiler Construction | Lecture 5 | Transformation by Term Rewriting
Compiler Construction | Lecture 5 | Transformation by Term RewritingCompiler Construction | Lecture 5 | Transformation by Term Rewriting
Compiler Construction | Lecture 5 | Transformation by Term RewritingEelco Visser
 

Mehr von Eelco Visser (20)

CS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term RewritingCS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term Rewriting
 
CS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic ServicesCS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic Services
 
CS4200 2019 | Lecture 3 | Parsing
CS4200 2019 | Lecture 3 | ParsingCS4200 2019 | Lecture 3 | Parsing
CS4200 2019 | Lecture 3 | Parsing
 
CS4200 2019 | Lecture 2 | syntax-definition
CS4200 2019 | Lecture 2 | syntax-definitionCS4200 2019 | Lecture 2 | syntax-definition
CS4200 2019 | Lecture 2 | syntax-definition
 
CS4200 2019 Lecture 1: Introduction
CS4200 2019 Lecture 1: IntroductionCS4200 2019 Lecture 1: Introduction
CS4200 2019 Lecture 1: Introduction
 
A Direct Semantics of Declarative Disambiguation Rules
A Direct Semantics of Declarative Disambiguation RulesA Direct Semantics of Declarative Disambiguation Rules
A Direct Semantics of Declarative Disambiguation Rules
 
Declarative Type System Specification with Statix
Declarative Type System Specification with StatixDeclarative Type System Specification with Statix
Declarative Type System Specification with Statix
 
Compiler Construction | Lecture 17 | Beyond Compiler Construction
Compiler Construction | Lecture 17 | Beyond Compiler ConstructionCompiler Construction | Lecture 17 | Beyond Compiler Construction
Compiler Construction | Lecture 17 | Beyond Compiler Construction
 
Domain Specific Languages for Parallel Graph AnalytiX (PGX)
Domain Specific Languages for Parallel Graph AnalytiX (PGX)Domain Specific Languages for Parallel Graph AnalytiX (PGX)
Domain Specific Languages for Parallel Graph AnalytiX (PGX)
 
Compiler Construction | Lecture 15 | Memory Management
Compiler Construction | Lecture 15 | Memory ManagementCompiler Construction | Lecture 15 | Memory Management
Compiler Construction | Lecture 15 | Memory Management
 
Compiler Construction | Lecture 14 | Interpreters
Compiler Construction | Lecture 14 | InterpretersCompiler Construction | Lecture 14 | Interpreters
Compiler Construction | Lecture 14 | Interpreters
 
Compiler Construction | Lecture 13 | Code Generation
Compiler Construction | Lecture 13 | Code GenerationCompiler Construction | Lecture 13 | Code Generation
Compiler Construction | Lecture 13 | Code Generation
 
Compiler Construction | Lecture 12 | Virtual Machines
Compiler Construction | Lecture 12 | Virtual MachinesCompiler Construction | Lecture 12 | Virtual Machines
Compiler Construction | Lecture 12 | Virtual Machines
 
Compiler Construction | Lecture 11 | Monotone Frameworks
Compiler Construction | Lecture 11 | Monotone FrameworksCompiler Construction | Lecture 11 | Monotone Frameworks
Compiler Construction | Lecture 11 | Monotone Frameworks
 
Compiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow AnalysisCompiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow Analysis
 
Compiler Construction | Lecture 9 | Constraint Resolution
Compiler Construction | Lecture 9 | Constraint ResolutionCompiler Construction | Lecture 9 | Constraint Resolution
Compiler Construction | Lecture 9 | Constraint Resolution
 
Compiler Construction | Lecture 8 | Type Constraints
Compiler Construction | Lecture 8 | Type ConstraintsCompiler Construction | Lecture 8 | Type Constraints
Compiler Construction | Lecture 8 | Type Constraints
 
Compiler Construction | Lecture 7 | Type Checking
Compiler Construction | Lecture 7 | Type CheckingCompiler Construction | Lecture 7 | Type Checking
Compiler Construction | Lecture 7 | Type Checking
 
Compiler Construction | Lecture 6 | Introduction to Static Analysis
Compiler Construction | Lecture 6 | Introduction to Static AnalysisCompiler Construction | Lecture 6 | Introduction to Static Analysis
Compiler Construction | Lecture 6 | Introduction to Static Analysis
 
Compiler Construction | Lecture 5 | Transformation by Term Rewriting
Compiler Construction | Lecture 5 | Transformation by Term RewritingCompiler Construction | Lecture 5 | Transformation by Term Rewriting
Compiler Construction | Lecture 5 | Transformation by Term Rewriting
 

Kürzlich hochgeladen

A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...PsychoTech Services
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 

Kürzlich hochgeladen (20)

A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 

Model-Driven Software Development - Web Abstractions 2

  • 1. Web Abstractions 1I access control policies, data validation, workflow, ajax, search Lecture 4 Course IN4308 Eelco Visser Master Computer Science http://eelcovisser.org Delft University of Technology Wednesday, March 10, 2010
  • 2. Modeling Modeling IDEs Software Systems Modeling Transforming Web Programs Software Models Implementing Software Language Web Models Engineering Strategies Modeling Make your own Software Languages Software Languages Wednesday, March 10, 2010
  • 3. Web Abstractions from a declarative point of view (we’ll investigate underlying mechanisms later) Wednesday, March 10, 2010
  • 4. More Web Abstractions - Access control policies ★ constraints over objects ★ role-based AC, discretionary AC - Data validation ★ form validation ★ data integrity - Workflow - Search - AJAX: accessing page fragments (templates) Wednesday, March 10, 2010
  • 5. Access Control Danny M. Groenewegen, Eelco Visser. Declarative Access Control for WebDSL: Combining Language Integration and Separation of Concerns. ICWE 2008: 175-188 Wednesday, March 10, 2010
  • 6. Case 2: Access Control Policy for Conference Papers ★ has authors Authors ★ submit papers, read reviews Reviewers ★ write review for paper & discuss papers ★ are anonymous (for authors) Conflicts ★ author cannot be reviewer ★ reviewer not related to authors Wednesday, March 10, 2010
  • 7. Access Control Mechanisms Wednesday, March 10, 2010
  • 8. WebDSL Access Control Constraints over data model - boolean expression over properties of objects Rules restrict access to resources - page, template, action Infer restriction of navigation - don’t show link to inaccessible page or forbidden action Wednesday, March 10, 2010
  • 9. Principal representation of principal turn on access control Wednesday, March 10, 2010
  • 10. Access Control Rules ‘may access page f with argument x if boolean expression e is true’ Wednesday, March 10, 2010
  • 11. Wiki Access Control Rules ‘anyone can view existing pages, only logged in users can create pages’ ‘only logged in users may edit pages’ Wednesday, March 10, 2010
  • 12. Wiki Access Control Rules Wednesday, March 10, 2010
  • 13. Wiki Access Control Rules Wednesday, March 10, 2010
  • 14. Wiki Access Control Rules Wednesday, March 10, 2010
  • 15. Wiki Access Control Rules Wednesday, March 10, 2010
  • 17. Access Control Policies Standard Policies - Mandatory access control - Discretionary access control - Role-based access control Mixing policies - Role-based + discretionary access control WebDSL - No restrictions on access control policies Wednesday, March 10, 2010
  • 18. Encoding Access Control Policies Rules - Who may access which resources? - Who can apply which actions? Representation - How are permissions stored? Administration - How can permissions be changed? - Who can change permissions? Wednesday, March 10, 2010
  • 19. Wiki: Data Model Wednesday, March 10, 2010
  • 20. Wiki: User Interface Templates (abbreviated to navigation structure) Wednesday, March 10, 2010
  • 21. Wiki: Generic Access Control Rules Wednesday, March 10, 2010
  • 22. Mandatory Access Control Security Labels ★ Classification label protects object • Top Secret, Secret, Confidential, Unclassified ★ Clearance indicates access of subject Confidentiality rules ★ Read-down: clearance should be higher than or equal to classification document to read ★ Write-up: clearance is lower than or equal to classification of document to write Wednesday, March 10, 2010
  • 25. Discretionary Access Control Access control lists - objects have owner - owner grants, revokes users access to object Example: Unix file permissions - read, write, execute permissions for - owner, group, anyone Wednesday, March 10, 2010
  • 29. Role-Based Access Control Role: group of activities - authorization assigned to roles - users assigned to roles - robust to organizational changes Hierarchical roles - least privilege: use minimal permissions for task Separation of duties - critical actions require coordination Wednesday, March 10, 2010
  • 33. Mixing Access Control Policies Real policies - Mix of DAC & RBAC - AC rules are constraints over object graph WebDSL - No policies built-in Wednesday, March 10, 2010
  • 34. Case 2: Access Control Policy for Conference Papers ★ has authors Authors ★ submit papers, read reviews Reviewers ★ write review for paper & discuss papers ★ are anonymous (for authors) Conflicts ★ author cannot be reviewer ★ reviewer not related to authors Wednesday, March 10, 2010
  • 35. Data Validation Danny M. Groenewegen, Eelco Visser. Integration of Data Validation and User Interface Concerns in a DSL for Web Applications. SLE 2010 Wednesday, March 10, 2010
  • 36. Data Validation Check input & maintain data integrity Types of validation - Value well-formedness - Data invariants - Input assertions - Action assertions User interface integration - Display errors Wednesday, March 10, 2010
  • 37. Validation Rules data validation form validation action assertions messages Wednesday, March 10, 2010
  • 39. Customizing Value Well-Formedness Rules Wednesday, March 10, 2010
  • 47. Workflow Zef Hemel, Ruben Verhaaf, Eelco Visser. WebWorkFlow: An Object-Oriented Workflow Modeling Language for Web Applications. MoDELS 2008: 113-127 Note: WebWorkFlow is not supported by current version of WebDSL Wednesday, March 10, 2010
  • 48. Workflow Coordinating activities by participants WebWorkFlow - object-oriented workflow definition - integrate all aspects of workflow ★ data ★ user interface ★ access control ★ control-flow - abstractions on top of base WebDSL Wednesday, March 10, 2010
  • 49. WebWorkFlow by Example: Progress Meeting Wednesday, March 10, 2010
  • 51. workflow procedure workflow object procedure call process definition Wednesday, March 10, 2010
  • 52. parallel enable next step iterate Wednesday, March 10, 2010
  • 53. access control access control Wednesday, March 10, 2010
  • 59. Workflow Remarks Recursive workflows (see paper) Issue: user interface patterns for workflow Is workflow an anti-pattern? - is workflow good interaction design? - determine order of user actions - what are alternatives? Wednesday, March 10, 2010
  • 61. search annotations search queries Wednesday, March 10, 2010
  • 62. AJAX Michel Weststrate. Abstractions for Asynchronous User Interfaces in Web Applications.Master's thesis, Delft University of Technology, 2009. Wednesday, March 10, 2010
  • 63. AJAX Deliver page fragments, not just full pages - Replace page elements by new fragments - Templates are unit of replacement Wednesday, March 10, 2010
  • 64. placeholder default view Wednesday, March 10, 2010
  • 66. Summary Access control policies ★ constraints over objects ★ encoding of standard policies (DAC, RBAC) Data validation ★ form validation & data integrity Workflow ★ coordinating activities of multiple participants Search based on data model annotations AJAX: accessing page fragments (templates) Wednesday, March 10, 2010
  • 67. Schedule Lab this week ★ WebDSL application Cases ★ Case 2: web abstractions ★ Read: Declarative Access Control for WebDSL ★ Read: Integration of Data Validation and User Interface Concerns ★ Read: WebWorkFlow Next ★ Lecture 5: WebDSL implementation strategies ★ Lecture 6 & 7: modeling languages Wednesday, March 10, 2010