Mario's Technical POV

This blog contains my technical point-of-view on a wide range of topics from technology, leadership, and business. This blog will cover a diverse set of topics and jump from general overviews to deep dives. Your thoughtful comments are always welcomed.


Addressing Security Concerns with Aspect-Oriented Design

This is a presentation reviewing the state-of-the-art methods addressing Security Concerns in Software Systems.

Addressing Security Concerns with Aspect-Oriented Design

This paper presents an aspectized solution for addressing security concerns in an existing system. Security as a non-functional requirement tends to be overlooked or deferred until after design and implementation phases of a project [4]. When applying Object-Oriented Design, system decomposed occurs around a single dimension. This typically revolves around a focus on process or data flow resulting in other dimensions such as security, performance, or logging to cross-cut the primary dimension of decomposition [2]. Security concerns affect the broader system with complex logic that requires frequent updates and maintenance increasing the risk of defects. Because security patterns increase tangling and scattering by increasing dependencies between objects in the system, addressing this concern in an aspect-oriented approach provides an elegant encapsulation of the security mechanisms and produces better modularity across the system [7].

Aspect-Oriented Whiteboard Pattern

The Whiteboard pattern takes advantage of the centralized OSGi Service Registry as an intermediary that can be used to decouple the listener from the observable. In addition to reducing tangling, this also achieves the desired effect of allowing the listener services to run through its lifecycle starting and stopping without holding. As a result, this allows for better memory management, since garbage collection can reclaim memory from stale listeners that are no longer used.

Unfortunately, Whiteboard pattern introduces a lot of dependency on the OSGi framework itself but requiring all the elements of the Whiteboard pattern to interact with the service registry at various points in the lifecycle. This produces additional unwanted coupling and complexity. This paper proposes an aspectized implementation of the Whiteboard pattern that preserves the principle design elements while simplifying and decoupling the pattern elements from the OSGi framework.

Automated Ontology Learning Algorithms and Methods

Ontologies are a vital aspect of any cognitive or expert system seeking to provide semantic understanding of a given domain. This paper will review the current methods for automating the extraction of ontology from a corpus of textual documents through the use of various learning algorithms presented from a collection of papers on this topic. The aim of these methods presented is to produce a conceptual hierarchy along with semantic relationships for defined set of concepts given a collection (corpus) of domain specific documents

Doppio: Browser Execution Environment for Java

This paper review the Doppio Runtime Execution Environment for Web Browsers allowing for high-level programming languages to be directly interpreted by the browser without alterations.

IBM Systems Management Security Considerations

This white paper explores security considerations using IBM Systems Management Software including IBM Service and Support Manager. The paper examines specific configurations and settings that should be considered to strengthen security and close vulnerabilities.

Kanban: Agile 2.0?

This paper explores some of the challenges that many teams still face after adopting an agile methodology for system development. The paper reviews several issues and looks to Lean and Kanban methods to address these common problems with specific solutions and techniques.

Java Performance Profiling

This article will demonstrate the Eclipse Test & Performance Tools Platform. This tutorial will include the installation, setup, and usage of TPTP including instructions on remotely profiling an application running in a production or test environment. This tutorial will also provide tips on how to interpret results for various metrics collected