SlideShare uma empresa Scribd logo

Model-Driven Software Development - Web Abstractions 2

Eelco Visser
Eelco Visser

Fourth lecture in course "Model-Driven Software Development" at Delft University of Technology

EducaçãoNegóciosTecnologia
1 de 67
Baixar para ler offline
Web Abstractions 1I access control policies, data validation, workflow, ajax, search Lecture 4 Course IN4308 Eelco Visser Master Computer Science http://eelcovisser.org Delft University of Technology Wednesday, March 10, 2010
Modeling Modeling IDEs Software Systems Modeling Transforming Web Programs Software Models Implementing Software Language Web Models Engineering Strategies Modeling Make your own Software Languages Software Languages Wednesday, March 10, 2010
Web Abstractions from a declarative point of view (we’ll investigate underlying mechanisms later) Wednesday, March 10, 2010
More Web Abstractions - Access control policies ★ constraints over objects ★ role-based AC, discretionary AC - Data validation ★ form validation ★ data integrity - Workflow - Search - AJAX: accessing page fragments (templates) Wednesday, March 10, 2010
Access Control Danny M. Groenewegen, Eelco Visser. Declarative Access Control for WebDSL: Combining Language Integration and Separation of Concerns. ICWE 2008: 175-188 Wednesday, March 10, 2010
Case 2: Access Control Policy for Conference Papers ★ has authors Authors ★ submit papers, read reviews Reviewers ★ write review for paper & discuss papers ★ are anonymous (for authors) Conflicts ★ author cannot be reviewer ★ reviewer not related to authors Wednesday, March 10, 2010
Access Control Mechanisms Wednesday, March 10, 2010
WebDSL Access Control Constraints over data model - boolean expression over properties of objects Rules restrict access to resources - page, template, action Infer restriction of navigation - don’t show link to inaccessible page or forbidden action Wednesday, March 10, 2010
Principal representation of principal turn on access control Wednesday, March 10, 2010
Access Control Rules ‘may access page f with argument x if boolean expression e is true’ Wednesday, March 10, 2010
Wiki Access Control Rules ‘anyone can view existing pages, only logged in users can create pages’ ‘only logged in users may edit pages’ Wednesday, March 10, 2010
Wiki Access Control Rules Wednesday, March 10, 2010
Wiki Access Control Rules Wednesday, March 10, 2010
Wiki Access Control Rules Wednesday, March 10, 2010
Wiki Access Control Rules Wednesday, March 10, 2010
Access Control Policies Wednesday, March 10, 2010
Access Control Policies Standard Policies - Mandatory access control - Discretionary access control - Role-based access control Mixing policies - Role-based + discretionary access control WebDSL - No restrictions on access control policies Wednesday, March 10, 2010
Encoding Access Control Policies Rules - Who may access which resources? - Who can apply which actions? Representation - How are permissions stored? Administration - How can permissions be changed? - Who can change permissions? Wednesday, March 10, 2010
Wiki: Data Model Wednesday, March 10, 2010
Wiki: User Interface Templates (abbreviated to navigation structure) Wednesday, March 10, 2010
Wiki: Generic Access Control Rules Wednesday, March 10, 2010
Mandatory Access Control Security Labels ★ Classification label protects object • Top Secret, Secret, Confidential, Unclassified ★ Clearance indicates access of subject Confidentiality rules ★ Read-down: clearance should be higher than or equal to classification document to read ★ Write-up: clearance is lower than or equal to classification of document to write Wednesday, March 10, 2010
MAC: representation Wednesday, March 10, 2010
MAC: predicates Wednesday, March 10, 2010
Discretionary Access Control Access control lists - objects have owner - owner grants, revokes users access to object Example: Unix file permissions - read, write, execute permissions for - owner, group, anyone Wednesday, March 10, 2010
DAC: representation Wednesday, March 10, 2010
DAC: predicates Wednesday, March 10, 2010
DAC: administration Wednesday, March 10, 2010
Role-Based Access Control Role: group of activities - authorization assigned to roles - users assigned to roles - robust to organizational changes Hierarchical roles - least privilege: use minimal permissions for task Separation of duties - critical actions require coordination Wednesday, March 10, 2010
RBAC: representation Wednesday, March 10, 2010
RBAC: predicates Wednesday, March 10, 2010
RBAC: administration Wednesday, March 10, 2010
Mixing Access Control Policies Real policies - Mix of DAC & RBAC - AC rules are constraints over object graph WebDSL - No policies built-in Wednesday, March 10, 2010
Case 2: Access Control Policy for Conference Papers ★ has authors Authors ★ submit papers, read reviews Reviewers ★ write review for paper & discuss papers ★ are anonymous (for authors) Conflicts ★ author cannot be reviewer ★ reviewer not related to authors Wednesday, March 10, 2010
Data Validation Danny M. Groenewegen, Eelco Visser. Integration of Data Validation and User Interface Concerns in a DSL for Web Applications. SLE 2010 Wednesday, March 10, 2010
Data Validation Check input & maintain data integrity Types of validation - Value well-formedness - Data invariants - Input assertions - Action assertions User interface integration - Display errors Wednesday, March 10, 2010
Validation Rules data validation form validation action assertions messages Wednesday, March 10, 2010
Value Well-Formedness Wednesday, March 10, 2010
Customizing Value Well-Formedness Rules Wednesday, March 10, 2010
Data Invariants Wednesday, March 10, 2010
Data Invariants Wednesday, March 10, 2010
Data Invariants Wednesday, March 10, 2010
Data Invariants Wednesday, March 10, 2010
Input Assertions Wednesday, March 10, 2010
Action Assertions Wednesday, March 10, 2010
Customizing Error Messages Wednesday, March 10, 2010
Workflow Zef Hemel, Ruben Verhaaf, Eelco Visser. WebWorkFlow: An Object-Oriented Workflow Modeling Language for Web Applications. MoDELS 2008: 113-127 Note: WebWorkFlow is not supported by current version of WebDSL Wednesday, March 10, 2010
Workflow Coordinating activities by participants WebWorkFlow - object-oriented workflow definition - integrate all aspects of workflow ★ data ★ user interface ★ access control ★ control-flow - abstractions on top of base WebDSL Wednesday, March 10, 2010
WebWorkFlow by Example: Progress Meeting Wednesday, March 10, 2010
Wednesday, March 10, 2010
workflow procedure workflow object procedure call process definition Wednesday, March 10, 2010
parallel enable next step iterate Wednesday, March 10, 2010
access control access control Wednesday, March 10, 2010
Wednesday, March 10, 2010
Wednesday, March 10, 2010
action Wednesday, March 10, 2010
no user interface Wednesday, March 10, 2010
condition Wednesday, March 10, 2010
Workflow Remarks Recursive workflows (see paper) Issue: user interface patterns for workflow Is workflow an anti-pattern? - is workflow good interaction design? - determine order of user actions - what are alternatives? Wednesday, March 10, 2010
Search Wednesday, March 10, 2010
search annotations search queries Wednesday, March 10, 2010
AJAX Michel Weststrate. Abstractions for Asynchronous User Interfaces in Web Applications.Master's thesis, Delft University of Technology, 2009. Wednesday, March 10, 2010
AJAX Deliver page fragments, not just full pages - Replace page elements by new fragments - Templates are unit of replacement Wednesday, March 10, 2010
placeholder default view Wednesday, March 10, 2010
replace Wednesday, March 10, 2010
Summary Access control policies ★ constraints over objects ★ encoding of standard policies (DAC, RBAC) Data validation ★ form validation & data integrity Workflow ★ coordinating activities of multiple participants Search based on data model annotations AJAX: accessing page fragments (templates) Wednesday, March 10, 2010
Schedule Lab this week ★ WebDSL application Cases ★ Case 2: web abstractions ★ Read: Declarative Access Control for WebDSL ★ Read: Integration of Data Validation and User Interface Concerns ★ Read: WebWorkFlow Next ★ Lecture 5: WebDSL implementation strategies ★ Lecture 6 & 7: modeling languages Wednesday, March 10, 2010

Recomendados

Comm@baruch
Comm@baruchComm@baruch
Comm@baruchLuke Waltzer
 
Functional programming
Functional programmingFunctional programming
Functional programmingMartin Skurla
 
Composing Domain-Specific Languages
Composing Domain-Specific LanguagesComposing Domain-Specific Languages
Composing Domain-Specific LanguagesEelco Visser
 
Investment Banking Book (3rd edition)
Investment Banking Book (3rd edition)Investment Banking Book (3rd edition)
Investment Banking Book (3rd edition)ibtdb-tj
 
Why Is Excel VBA So Important For Banks ?
Why Is Excel VBA So Important For Banks ?Why Is Excel VBA So Important For Banks ?
Why Is Excel VBA So Important For Banks ?Jack Tellington
 
Domain Specific Languages
Domain Specific LanguagesDomain Specific Languages
Domain Specific LanguagesWee Witthawaskul
 
Python for Financial Data Analysis with pandas
Python for Financial Data Analysis with pandasPython for Financial Data Analysis with pandas
Python for Financial Data Analysis with pandasWes McKinney
 
Investment Banking presentation
Investment Banking presentation Investment Banking presentation
Investment Banking presentation Ketan Likhite
 

Recomendados

Comm@baruch
Comm@baruchComm@baruch
Comm@baruchLuke Waltzer
 
Functional programming
Functional programmingFunctional programming
Functional programmingMartin Skurla
 
Composing Domain-Specific Languages
Composing Domain-Specific LanguagesComposing Domain-Specific Languages
Composing Domain-Specific LanguagesEelco Visser
 
Investment Banking Book (3rd edition)
Investment Banking Book (3rd edition)Investment Banking Book (3rd edition)
Investment Banking Book (3rd edition)ibtdb-tj
 
Why Is Excel VBA So Important For Banks ?
Why Is Excel VBA So Important For Banks ?Why Is Excel VBA So Important For Banks ?
Why Is Excel VBA So Important For Banks ?Jack Tellington
 
Domain Specific Languages
Domain Specific LanguagesDomain Specific Languages
Domain Specific LanguagesWee Witthawaskul
 
Python for Financial Data Analysis with pandas
Python for Financial Data Analysis with pandasPython for Financial Data Analysis with pandas
Python for Financial Data Analysis with pandasWes McKinney
 
Investment Banking presentation
Investment Banking presentation Investment Banking presentation
Investment Banking presentation Ketan Likhite
 
Model-Driven Software Development - Web Abstractions 1
Model-Driven Software Development - Web Abstractions 1Model-Driven Software Development - Web Abstractions 1
Model-Driven Software Development - Web Abstractions 1Eelco Visser
 
Vertically Challenged
Vertically ChallengedVertically Challenged
Vertically ChallengedCommand Prompt., Inc
 
Portfolio 2007-2009
Portfolio 2007-2009Portfolio 2007-2009
Portfolio 2007-2009Jacqueline (Jax) Wechsler
 
Mobile Development with uPortal and Infusion
Mobile Development with uPortal and InfusionMobile Development with uPortal and Infusion
Mobile Development with uPortal and Infusioncolinbdclark
 
Introduction to Web Terminology
Introduction to Web TerminologyIntroduction to Web Terminology
Introduction to Web TerminologyNicole C. Engard
 
Service Integration - A Web of Things Perspective
Service Integration - A Web of Things PerspectiveService Integration - A Web of Things Perspective
Service Integration - A Web of Things PerspectiveSimon Mayer
 
Please Don't Touch the Slow Parts
Please Don't Touch the Slow PartsPlease Don't Touch the Slow Parts
Please Don't Touch the Slow PartsFederico Galassi
 
An On-line Collaborative Data Management System
An On-line Collaborative Data Management SystemAn On-line Collaborative Data Management System
An On-line Collaborative Data Management SystemCameron Kiddle
 
Jung 2010
Jung 2010Jung 2010
Jung 2010Haklae Kim
 
Symfony in the Cloud
Symfony in the CloudSymfony in the Cloud
Symfony in the CloudKris Wallsmith
 
Linked Data and the Semantic Web - Mimas Seminar
Linked Data and the Semantic Web - Mimas SeminarLinked Data and the Semantic Web - Mimas Seminar
Linked Data and the Semantic Web - Mimas SeminarAdrian Stevenson
 
The Revolution Of Cloud Computing
The Revolution Of Cloud ComputingThe Revolution Of Cloud Computing
The Revolution Of Cloud ComputingCarmen Sanborn
 
Persistence Smoothie
Persistence SmoothiePersistence Smoothie
Persistence SmoothieMichael Bleigh
 
Introduction to the Semantic Web
Introduction to the Semantic WebIntroduction to the Semantic Web
Introduction to the Semantic WebMarin Dimitrov
 
Web 3.0: The Upcoming Revolution
Web 3.0: The Upcoming RevolutionWeb 3.0: The Upcoming Revolution
Web 3.0: The Upcoming RevolutionNitin Godawat
 
Data and Information Extraction on the Web
Data and Information Extraction on the WebData and Information Extraction on the Web
Data and Information Extraction on the WebTommaso Teofili
 
Semantic Technologies: Which Way Now? – UKOLN Response
Semantic Technologies: Which Way Now? – UKOLN ResponseSemantic Technologies: Which Way Now? – UKOLN Response
Semantic Technologies: Which Way Now? – UKOLN ResponseAdrian Stevenson
 
eLearning2.0
eLearning2.0eLearning2.0
eLearning2.0Anne Bartlett-Bragg
 
OvertheAir 2010 html5 impact on application programming
OvertheAir 2010 html5 impact on application programmingOvertheAir 2010 html5 impact on application programming
OvertheAir 2010 html5 impact on application programmingTor Björn Minde
 
HTML5 impact on application programming
HTML5 impact on application programmingHTML5 impact on application programming
HTML5 impact on application programmingEricsson Labs
 
CS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term RewritingCS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term RewritingEelco Visser
 
CS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic ServicesCS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic ServicesEelco Visser
 

Mais conteúdo relacionado

Semelhante a Model-Driven Software Development - Web Abstractions 2

Model-Driven Software Development - Web Abstractions 1
Model-Driven Software Development - Web Abstractions 1Model-Driven Software Development - Web Abstractions 1
Model-Driven Software Development - Web Abstractions 1Eelco Visser
 
Mobile Development with uPortal and Infusion
Mobile Development with uPortal and InfusionMobile Development with uPortal and Infusion
Mobile Development with uPortal and Infusioncolinbdclark
 
Introduction to Web Terminology
Introduction to Web TerminologyIntroduction to Web Terminology
Introduction to Web TerminologyNicole C. Engard
 
Service Integration - A Web of Things Perspective
Service Integration - A Web of Things PerspectiveService Integration - A Web of Things Perspective
Service Integration - A Web of Things PerspectiveSimon Mayer
 
Please Don't Touch the Slow Parts
Please Don't Touch the Slow PartsPlease Don't Touch the Slow Parts
Please Don't Touch the Slow PartsFederico Galassi
 
An On-line Collaborative Data Management System
An On-line Collaborative Data Management SystemAn On-line Collaborative Data Management System
An On-line Collaborative Data Management SystemCameron Kiddle
 
Linked Data and the Semantic Web - Mimas Seminar
Linked Data and the Semantic Web - Mimas SeminarLinked Data and the Semantic Web - Mimas Seminar
Linked Data and the Semantic Web - Mimas SeminarAdrian Stevenson
 
The Revolution Of Cloud Computing
The Revolution Of Cloud ComputingThe Revolution Of Cloud Computing
The Revolution Of Cloud ComputingCarmen Sanborn
 
Introduction to the Semantic Web
Introduction to the Semantic WebIntroduction to the Semantic Web
Introduction to the Semantic WebMarin Dimitrov
 
Web 3.0: The Upcoming Revolution
Web 3.0: The Upcoming RevolutionWeb 3.0: The Upcoming Revolution
Web 3.0: The Upcoming RevolutionNitin Godawat
 
Data and Information Extraction on the Web
Data and Information Extraction on the WebData and Information Extraction on the Web
Data and Information Extraction on the WebTommaso Teofili
 
Semantic Technologies: Which Way Now? – UKOLN Response
Semantic Technologies: Which Way Now? – UKOLN ResponseSemantic Technologies: Which Way Now? – UKOLN Response
Semantic Technologies: Which Way Now? – UKOLN ResponseAdrian Stevenson
 
OvertheAir 2010 html5 impact on application programming
OvertheAir 2010 html5 impact on application programmingOvertheAir 2010 html5 impact on application programming
OvertheAir 2010 html5 impact on application programmingTor Björn Minde
 
HTML5 impact on application programming
HTML5 impact on application programmingHTML5 impact on application programming
HTML5 impact on application programmingEricsson Labs
 

Semelhante a Model-Driven Software Development - Web Abstractions 2 (20)

Model-Driven Software Development - Web Abstractions 1
Model-Driven Software Development - Web Abstractions 1Model-Driven Software Development - Web Abstractions 1
Model-Driven Software Development - Web Abstractions 1
 
Vertically Challenged
Vertically ChallengedVertically Challenged
Vertically Challenged
 
Portfolio 2007-2009
Portfolio 2007-2009Portfolio 2007-2009
Portfolio 2007-2009
 
Mobile Development with uPortal and Infusion
Mobile Development with uPortal and InfusionMobile Development with uPortal and Infusion
Mobile Development with uPortal and Infusion
 
Introduction to Web Terminology
Introduction to Web TerminologyIntroduction to Web Terminology
Introduction to Web Terminology
 
Service Integration - A Web of Things Perspective
Service Integration - A Web of Things PerspectiveService Integration - A Web of Things Perspective
Service Integration - A Web of Things Perspective
 
Please Don't Touch the Slow Parts
Please Don't Touch the Slow PartsPlease Don't Touch the Slow Parts
Please Don't Touch the Slow Parts
 
An On-line Collaborative Data Management System
An On-line Collaborative Data Management SystemAn On-line Collaborative Data Management System
An On-line Collaborative Data Management System
 
Jung 2010
Jung 2010Jung 2010
Jung 2010
 
Symfony in the Cloud
Symfony in the CloudSymfony in the Cloud
Symfony in the Cloud
 
Linked Data and the Semantic Web - Mimas Seminar
Linked Data and the Semantic Web - Mimas SeminarLinked Data and the Semantic Web - Mimas Seminar
Linked Data and the Semantic Web - Mimas Seminar
 
The Revolution Of Cloud Computing
The Revolution Of Cloud ComputingThe Revolution Of Cloud Computing
The Revolution Of Cloud Computing
 
Persistence Smoothie
Persistence SmoothiePersistence Smoothie
Persistence Smoothie
 
Introduction to the Semantic Web
Introduction to the Semantic WebIntroduction to the Semantic Web
Introduction to the Semantic Web
 
Web 3.0: The Upcoming Revolution
Web 3.0: The Upcoming RevolutionWeb 3.0: The Upcoming Revolution
Web 3.0: The Upcoming Revolution
 
Data and Information Extraction on the Web
Data and Information Extraction on the WebData and Information Extraction on the Web
Data and Information Extraction on the Web
 
Semantic Technologies: Which Way Now? – UKOLN Response
Semantic Technologies: Which Way Now? – UKOLN ResponseSemantic Technologies: Which Way Now? – UKOLN Response
Semantic Technologies: Which Way Now? – UKOLN Response
 
eLearning2.0
eLearning2.0eLearning2.0
eLearning2.0
 
OvertheAir 2010 html5 impact on application programming
OvertheAir 2010 html5 impact on application programmingOvertheAir 2010 html5 impact on application programming
OvertheAir 2010 html5 impact on application programming
 
HTML5 impact on application programming
HTML5 impact on application programmingHTML5 impact on application programming
HTML5 impact on application programming
 

Mais de Eelco Visser

CS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term RewritingCS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term RewritingEelco Visser
 
CS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic ServicesCS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic ServicesEelco Visser
 
CS4200 2019 | Lecture 3 | Parsing
CS4200 2019 | Lecture 3 | ParsingCS4200 2019 | Lecture 3 | Parsing
CS4200 2019 | Lecture 3 | ParsingEelco Visser
 
CS4200 2019 | Lecture 2 | syntax-definition
CS4200 2019 | Lecture 2 | syntax-definitionCS4200 2019 | Lecture 2 | syntax-definition
CS4200 2019 | Lecture 2 | syntax-definitionEelco Visser
 
CS4200 2019 Lecture 1: Introduction
CS4200 2019 Lecture 1: IntroductionCS4200 2019 Lecture 1: Introduction
CS4200 2019 Lecture 1: IntroductionEelco Visser
 
A Direct Semantics of Declarative Disambiguation Rules
A Direct Semantics of Declarative Disambiguation RulesA Direct Semantics of Declarative Disambiguation Rules
A Direct Semantics of Declarative Disambiguation RulesEelco Visser
 
Declarative Type System Specification with Statix
Declarative Type System Specification with StatixDeclarative Type System Specification with Statix
Declarative Type System Specification with StatixEelco Visser
 
Compiler Construction | Lecture 17 | Beyond Compiler Construction
Compiler Construction | Lecture 17 | Beyond Compiler ConstructionCompiler Construction | Lecture 17 | Beyond Compiler Construction
Compiler Construction | Lecture 17 | Beyond Compiler ConstructionEelco Visser
 
Domain Specific Languages for Parallel Graph AnalytiX (PGX)
Domain Specific Languages for Parallel Graph AnalytiX (PGX)Domain Specific Languages for Parallel Graph AnalytiX (PGX)
Domain Specific Languages for Parallel Graph AnalytiX (PGX)Eelco Visser
 
Compiler Construction | Lecture 15 | Memory Management
Compiler Construction | Lecture 15 | Memory ManagementCompiler Construction | Lecture 15 | Memory Management
Compiler Construction | Lecture 15 | Memory ManagementEelco Visser
 
Compiler Construction | Lecture 14 | Interpreters
Compiler Construction | Lecture 14 | InterpretersCompiler Construction | Lecture 14 | Interpreters
Compiler Construction | Lecture 14 | InterpretersEelco Visser
 
Compiler Construction | Lecture 13 | Code Generation
Compiler Construction | Lecture 13 | Code GenerationCompiler Construction | Lecture 13 | Code Generation
Compiler Construction | Lecture 13 | Code GenerationEelco Visser
 
Compiler Construction | Lecture 12 | Virtual Machines
Compiler Construction | Lecture 12 | Virtual MachinesCompiler Construction | Lecture 12 | Virtual Machines
Compiler Construction | Lecture 12 | Virtual MachinesEelco Visser
 
Compiler Construction | Lecture 11 | Monotone Frameworks
Compiler Construction | Lecture 11 | Monotone FrameworksCompiler Construction | Lecture 11 | Monotone Frameworks
Compiler Construction | Lecture 11 | Monotone FrameworksEelco Visser
 
Compiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow AnalysisCompiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow AnalysisEelco Visser
 
Compiler Construction | Lecture 9 | Constraint Resolution
Compiler Construction | Lecture 9 | Constraint ResolutionCompiler Construction | Lecture 9 | Constraint Resolution
Compiler Construction | Lecture 9 | Constraint ResolutionEelco Visser
 
Compiler Construction | Lecture 8 | Type Constraints
Compiler Construction | Lecture 8 | Type ConstraintsCompiler Construction | Lecture 8 | Type Constraints
Compiler Construction | Lecture 8 | Type ConstraintsEelco Visser
 
Compiler Construction | Lecture 7 | Type Checking
Compiler Construction | Lecture 7 | Type CheckingCompiler Construction | Lecture 7 | Type Checking
Compiler Construction | Lecture 7 | Type CheckingEelco Visser
 
Compiler Construction | Lecture 6 | Introduction to Static Analysis
Compiler Construction | Lecture 6 | Introduction to Static AnalysisCompiler Construction | Lecture 6 | Introduction to Static Analysis
Compiler Construction | Lecture 6 | Introduction to Static AnalysisEelco Visser
 
Compiler Construction | Lecture 5 | Transformation by Term Rewriting
Compiler Construction | Lecture 5 | Transformation by Term RewritingCompiler Construction | Lecture 5 | Transformation by Term Rewriting
Compiler Construction | Lecture 5 | Transformation by Term RewritingEelco Visser
 

Mais de Eelco Visser (20)

CS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term RewritingCS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term Rewriting
 
CS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic ServicesCS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic Services
 
CS4200 2019 | Lecture 3 | Parsing
CS4200 2019 | Lecture 3 | ParsingCS4200 2019 | Lecture 3 | Parsing
CS4200 2019 | Lecture 3 | Parsing
 
CS4200 2019 | Lecture 2 | syntax-definition
CS4200 2019 | Lecture 2 | syntax-definitionCS4200 2019 | Lecture 2 | syntax-definition
CS4200 2019 | Lecture 2 | syntax-definition
 
CS4200 2019 Lecture 1: Introduction
CS4200 2019 Lecture 1: IntroductionCS4200 2019 Lecture 1: Introduction
CS4200 2019 Lecture 1: Introduction
 
A Direct Semantics of Declarative Disambiguation Rules
A Direct Semantics of Declarative Disambiguation RulesA Direct Semantics of Declarative Disambiguation Rules
A Direct Semantics of Declarative Disambiguation Rules
 
Declarative Type System Specification with Statix
Declarative Type System Specification with StatixDeclarative Type System Specification with Statix
Declarative Type System Specification with Statix
 
Compiler Construction | Lecture 17 | Beyond Compiler Construction
Compiler Construction | Lecture 17 | Beyond Compiler ConstructionCompiler Construction | Lecture 17 | Beyond Compiler Construction
Compiler Construction | Lecture 17 | Beyond Compiler Construction
 
Domain Specific Languages for Parallel Graph AnalytiX (PGX)
Domain Specific Languages for Parallel Graph AnalytiX (PGX)Domain Specific Languages for Parallel Graph AnalytiX (PGX)
Domain Specific Languages for Parallel Graph AnalytiX (PGX)
 
Compiler Construction | Lecture 15 | Memory Management
Compiler Construction | Lecture 15 | Memory ManagementCompiler Construction | Lecture 15 | Memory Management
Compiler Construction | Lecture 15 | Memory Management
 
Compiler Construction | Lecture 14 | Interpreters
Compiler Construction | Lecture 14 | InterpretersCompiler Construction | Lecture 14 | Interpreters
Compiler Construction | Lecture 14 | Interpreters
 
Compiler Construction | Lecture 13 | Code Generation
Compiler Construction | Lecture 13 | Code GenerationCompiler Construction | Lecture 13 | Code Generation
Compiler Construction | Lecture 13 | Code Generation
 
Compiler Construction | Lecture 12 | Virtual Machines
Compiler Construction | Lecture 12 | Virtual MachinesCompiler Construction | Lecture 12 | Virtual Machines
Compiler Construction | Lecture 12 | Virtual Machines
 
Compiler Construction | Lecture 11 | Monotone Frameworks
Compiler Construction | Lecture 11 | Monotone FrameworksCompiler Construction | Lecture 11 | Monotone Frameworks
Compiler Construction | Lecture 11 | Monotone Frameworks
 
Compiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow AnalysisCompiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow Analysis
 
Compiler Construction | Lecture 9 | Constraint Resolution
Compiler Construction | Lecture 9 | Constraint ResolutionCompiler Construction | Lecture 9 | Constraint Resolution
Compiler Construction | Lecture 9 | Constraint Resolution
 
Compiler Construction | Lecture 8 | Type Constraints
Compiler Construction | Lecture 8 | Type ConstraintsCompiler Construction | Lecture 8 | Type Constraints
Compiler Construction | Lecture 8 | Type Constraints
 
Compiler Construction | Lecture 7 | Type Checking
Compiler Construction | Lecture 7 | Type CheckingCompiler Construction | Lecture 7 | Type Checking
Compiler Construction | Lecture 7 | Type Checking
 
Compiler Construction | Lecture 6 | Introduction to Static Analysis
Compiler Construction | Lecture 6 | Introduction to Static AnalysisCompiler Construction | Lecture 6 | Introduction to Static Analysis
Compiler Construction | Lecture 6 | Introduction to Static Analysis
 
Compiler Construction | Lecture 5 | Transformation by Term Rewriting
Compiler Construction | Lecture 5 | Transformation by Term RewritingCompiler Construction | Lecture 5 | Transformation by Term Rewriting
Compiler Construction | Lecture 5 | Transformation by Term Rewriting
 

Último

Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomPooky Knightsmith
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...Amil baba
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024Elizabeth Walsh
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jisc
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxRamakrishna Reddy Bijjam
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Pooja Bhuva
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfNirmal Dwivedi
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfSherif Taha
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfPoh-Sun Goh
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structuredhanjurrannsibayan2
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxannathomasp01
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...Poonam Aher Patil
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Pooja Bhuva
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxmarlenawright1
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - Englishneillewis46
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxPooja Bhuva
 

Último (20)

Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structure
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 

Model-Driven Software Development - Web Abstractions 2

  • 1. Web Abstractions 1I access control policies, data validation, workflow, ajax, search Lecture 4 Course IN4308 Eelco Visser Master Computer Science http://eelcovisser.org Delft University of Technology Wednesday, March 10, 2010
  • 2. Modeling Modeling IDEs Software Systems Modeling Transforming Web Programs Software Models Implementing Software Language Web Models Engineering Strategies Modeling Make your own Software Languages Software Languages Wednesday, March 10, 2010
  • 3. Web Abstractions from a declarative point of view (we’ll investigate underlying mechanisms later) Wednesday, March 10, 2010
  • 4. More Web Abstractions - Access control policies ★ constraints over objects ★ role-based AC, discretionary AC - Data validation ★ form validation ★ data integrity - Workflow - Search - AJAX: accessing page fragments (templates) Wednesday, March 10, 2010
  • 5. Access Control Danny M. Groenewegen, Eelco Visser. Declarative Access Control for WebDSL: Combining Language Integration and Separation of Concerns. ICWE 2008: 175-188 Wednesday, March 10, 2010
  • 6. Case 2: Access Control Policy for Conference Papers ★ has authors Authors ★ submit papers, read reviews Reviewers ★ write review for paper & discuss papers ★ are anonymous (for authors) Conflicts ★ author cannot be reviewer ★ reviewer not related to authors Wednesday, March 10, 2010
  • 7. Access Control Mechanisms Wednesday, March 10, 2010
  • 8. WebDSL Access Control Constraints over data model - boolean expression over properties of objects Rules restrict access to resources - page, template, action Infer restriction of navigation - don’t show link to inaccessible page or forbidden action Wednesday, March 10, 2010
  • 9. Principal representation of principal turn on access control Wednesday, March 10, 2010
  • 10. Access Control Rules ‘may access page f with argument x if boolean expression e is true’ Wednesday, March 10, 2010
  • 11. Wiki Access Control Rules ‘anyone can view existing pages, only logged in users can create pages’ ‘only logged in users may edit pages’ Wednesday, March 10, 2010
  • 12. Wiki Access Control Rules Wednesday, March 10, 2010
  • 13. Wiki Access Control Rules Wednesday, March 10, 2010
  • 14. Wiki Access Control Rules Wednesday, March 10, 2010
  • 15. Wiki Access Control Rules Wednesday, March 10, 2010
  • 17. Access Control Policies Standard Policies - Mandatory access control - Discretionary access control - Role-based access control Mixing policies - Role-based + discretionary access control WebDSL - No restrictions on access control policies Wednesday, March 10, 2010
  • 18. Encoding Access Control Policies Rules - Who may access which resources? - Who can apply which actions? Representation - How are permissions stored? Administration - How can permissions be changed? - Who can change permissions? Wednesday, March 10, 2010
  • 19. Wiki: Data Model Wednesday, March 10, 2010
  • 20. Wiki: User Interface Templates (abbreviated to navigation structure) Wednesday, March 10, 2010
  • 21. Wiki: Generic Access Control Rules Wednesday, March 10, 2010
  • 22. Mandatory Access Control Security Labels ★ Classification label protects object • Top Secret, Secret, Confidential, Unclassified ★ Clearance indicates access of subject Confidentiality rules ★ Read-down: clearance should be higher than or equal to classification document to read ★ Write-up: clearance is lower than or equal to classification of document to write Wednesday, March 10, 2010
  • 25. Discretionary Access Control Access control lists - objects have owner - owner grants, revokes users access to object Example: Unix file permissions - read, write, execute permissions for - owner, group, anyone Wednesday, March 10, 2010
  • 29. Role-Based Access Control Role: group of activities - authorization assigned to roles - users assigned to roles - robust to organizational changes Hierarchical roles - least privilege: use minimal permissions for task Separation of duties - critical actions require coordination Wednesday, March 10, 2010
  • 33. Mixing Access Control Policies Real policies - Mix of DAC & RBAC - AC rules are constraints over object graph WebDSL - No policies built-in Wednesday, March 10, 2010
  • 34. Case 2: Access Control Policy for Conference Papers ★ has authors Authors ★ submit papers, read reviews Reviewers ★ write review for paper & discuss papers ★ are anonymous (for authors) Conflicts ★ author cannot be reviewer ★ reviewer not related to authors Wednesday, March 10, 2010
  • 35. Data Validation Danny M. Groenewegen, Eelco Visser. Integration of Data Validation and User Interface Concerns in a DSL for Web Applications. SLE 2010 Wednesday, March 10, 2010
  • 36. Data Validation Check input & maintain data integrity Types of validation - Value well-formedness - Data invariants - Input assertions - Action assertions User interface integration - Display errors Wednesday, March 10, 2010
  • 37. Validation Rules data validation form validation action assertions messages Wednesday, March 10, 2010
  • 39. Customizing Value Well-Formedness Rules Wednesday, March 10, 2010
  • 47. Workflow Zef Hemel, Ruben Verhaaf, Eelco Visser. WebWorkFlow: An Object-Oriented Workflow Modeling Language for Web Applications. MoDELS 2008: 113-127 Note: WebWorkFlow is not supported by current version of WebDSL Wednesday, March 10, 2010
  • 48. Workflow Coordinating activities by participants WebWorkFlow - object-oriented workflow definition - integrate all aspects of workflow ★ data ★ user interface ★ access control ★ control-flow - abstractions on top of base WebDSL Wednesday, March 10, 2010
  • 49. WebWorkFlow by Example: Progress Meeting Wednesday, March 10, 2010
  • 51. workflow procedure workflow object procedure call process definition Wednesday, March 10, 2010
  • 52. parallel enable next step iterate Wednesday, March 10, 2010
  • 53. access control access control Wednesday, March 10, 2010
  • 59. Workflow Remarks Recursive workflows (see paper) Issue: user interface patterns for workflow Is workflow an anti-pattern? - is workflow good interaction design? - determine order of user actions - what are alternatives? Wednesday, March 10, 2010
  • 61. search annotations search queries Wednesday, March 10, 2010
  • 62. AJAX Michel Weststrate. Abstractions for Asynchronous User Interfaces in Web Applications.Master's thesis, Delft University of Technology, 2009. Wednesday, March 10, 2010
  • 63. AJAX Deliver page fragments, not just full pages - Replace page elements by new fragments - Templates are unit of replacement Wednesday, March 10, 2010
  • 64. placeholder default view Wednesday, March 10, 2010
  • 66. Summary Access control policies ★ constraints over objects ★ encoding of standard policies (DAC, RBAC) Data validation ★ form validation & data integrity Workflow ★ coordinating activities of multiple participants Search based on data model annotations AJAX: accessing page fragments (templates) Wednesday, March 10, 2010
  • 67. Schedule Lab this week ★ WebDSL application Cases ★ Case 2: web abstractions ★ Read: Declarative Access Control for WebDSL ★ Read: Integration of Data Validation and User Interface Concerns ★ Read: WebWorkFlow Next ★ Lecture 5: WebDSL implementation strategies ★ Lecture 6 & 7: modeling languages Wednesday, March 10, 2010