Object-oriented Design

I introduced the first OO course at this university in 1986. In 1991 I started using Rumbaugh et al.’s textbook, which I used until 1997. Currently this course looks like this. In 1997 I introduced an advanced version of this course. This course emphasizes the handling of complex systems using patterns and other design principles.

My research includes several aspects of OO, and I have produced a good number of papers on these topics that have appeared in journals and conferences. A related topic of interest is Internet Security, where I am applying some of these methods to model policies and mechanisms.

In 1988-89 I analyzed with three of my students the architecture of a fault- tolerant navigation system for aircraft ( Bendix/Allied Signal). We built an OO simulator using Ada. In the summer of 1995 I worked with a group at the OS/2 lab of IBM, Boca Raton, to redesign the presentation manager of OS/2 using objects. In 1997 I built with two of my students an inventory control system for Motorola, Boynton Beach. We did the complete analysis and design and implemented a prototype with the help of a Motorola engineer. We used Paradigm+ for modeling, C++ for the model classes, Java for user interfaces, and to connect all this and access legacy databases we used Iona’s ORB.

In my teaching and research I emphasize the value of OO Analysis and Design, as opposed to the emphasis on languages and coding that is prevalent in industry today. I believe that you cannot build quality systems without a model. In the last two years I have been an active participant in PLoP; I’ve had five patterns in PLoP’99 and have three in PLoP 2000: one about order receiving and shipping, one about inventories, and one about security in distributed objects. I was also a shepherd for two papers at PLoP 2000. A paper summarizing my work on semantic analysis patterns appeared in ER2000.

System Security

My early work on security is about authorization for relational databases. I was a coauthor of the first book on database security. I then did a significant amount of work on security models for object-oriented databases. I introduced the concept of implied or inherited authorization, now used in Windows 2000.

Some of my current work is combining my work on patterns with security. A paper on this topic describes it. Another paper that combines OO and security is a paper from 1997 where I define rights starting from Use Cases. I am now editing a book on security patterns for Wiley and a textbook on data security (with E. Gudes and M. Olivier).