How to show security classes in part II?
Nishant Anshul
Ranch Hand
Posts: 72
posted 13 years ago
Hi guys,
I understand we show functional classes in diagrams. But there r some classes like ACM or Principal related classes (for authorisation). OR....LDAP etc ( for authentication).
Can anyone tell me... do we show these in class diagrams..i think i shudnt show them here...but may be in sequence diagram....and definitely in component diagrams...
plz someone clarify it...
with rgds,
I understand we show functional classes in diagrams. But there r some classes like ACM or Principal related classes (for authorisation). OR....LDAP etc ( for authentication).
Can anyone tell me... do we show these in class diagrams..i think i shudnt show them here...but may be in sequence diagram....and definitely in component diagrams...
plz someone clarify it...
with rgds,
SCEA-I, BCJP<p>IBM (India)
Ajith Kallambella
Sheriff
Posts: 5782
posted 13 years ago
Ideally the class diagrams do not represent implementation/infrastuctural details. Security is one such thing. If you insist, you could show it as a package in the component diagram. It is hard to model them in sequence diagrams - perhaps you can just use a SecurityService object that works as a blackbox and use it in the sequence diagram. If you do so, make sure you include the description and list assumptions in a supplementary document.
Hope that helps,
Hope that helps,
Open Group Certified Distinguished IT Architect. Open Group Certified Master IT Architect. Sun Certified Architect (SCEA).
Nishant Anshul
Ranch Hand
Posts: 72
Juan Rolando Prieur-Reza
Ranch Hand
Posts: 237
posted 13 years ago
These are general guidelines, not specific to SCEA exams...
Any software components, including those which happen to be concerned with security, should be shown on the component diagram along with dependencies on them from other components.
In sequence diagrams, any business functionality that is required should be shown. If the Use Cases or stated requirements define interactions between classes that happen to include security, they should be shown. Instance data, such as a particular name of a user, role, etc. would not be shown in sequence diagrams whether or not they are security related.
[ October 02, 2003: Message edited by: john prieur ]
Originally posted by Nishant Anshul:
...shudnt show them here...but may be in sequence diagram...
These are general guidelines, not specific to SCEA exams...
Any software components, including those which happen to be concerned with security, should be shown on the component diagram along with dependencies on them from other components.
In sequence diagrams, any business functionality that is required should be shown. If the Use Cases or stated requirements define interactions between classes that happen to include security, they should be shown. Instance data, such as a particular name of a user, role, etc. would not be shown in sequence diagrams whether or not they are security related.
[ October 02, 2003: Message edited by: john prieur ]
Juan Rolando Prieur-Reza, M.S., LSSBB, SCEA, SCBCD, SCWCD, SCJP/1.6, IBM OOAD, SCSA
Hong Ho
Greenhorn
Posts: 11
Nishant Anshul
Ranch Hand
Posts: 72
posted 13 years ago
Thanks John for ur input..
I agree with Ajith abt the black box approach in a seq diag..if at all it becomes indispensable..
Hey Hong..it just shows the funny side of english language or u can say how people can make english look like funny...sorry no contempts !!..just for sake of fun...okayyyy
I agree with Ajith abt the black box approach in a seq diag..if at all it becomes indispensable..
Hey Hong..it just shows the funny side of english language or u can say how people can make english look like funny...sorry no contempts !!..just for sake of fun...okayyyy
SCEA-I, BCJP<p>IBM (India)
