I will be giving a keynote address at The 10th International Conference for Internet Technology and Secured Transactions (ICITST-2015) in London next Tuesday, December 15th.
My presentation will discuss “Secure Software Engineering Curriculum”. In my talk, I will investigate the problem of teaching the secure development of cloud-based enterprise applications. I investigate what services should be provided by future operating systems to software applications. Consistency, availability, and durability are investigated for web service (WS) transactions. I propose an approach that matches the availability of the popular lazy replica update propagation method while increasing durability and consistency. My replica update propagation method is called the “Buddy System”, which requires that updates are preserved synchronously in two replicas. The first implementation schedules fine-grained WS transactions. In these transactions, each activity is a low-level database operation. Later, I consider each transaction as a black box, with only the corresponding Metadata, expressed as UML specifications, as transaction semantics. I refer to these WS transactions as coarse-grained WS transactions. The “Buddy System” can handle these coarse-grained WS transactions, using UML stereotypes that allow scheduling semantics to be embedded into the design model. I show that my approach guarantees one-copy serializability, matches the performance of the lazy update propagation methods, and increases durability in the presence of hardware failures. The talk will conclude with current work investigating consistency guarantees for integration of external systems, cloud-based data models, and payment security.