Object Oriented INFOSEC Elements
Object Oriented Programming (OOP) methods are different from those of traditional computer programming methods, although many modern programming environments now are beginning to have OOP capabilities.
What are Objects?
At a high level, objects are a rational way to define and model very complex arrangements of elements and attributes in ways that rationally express the composition and interaction of the World. Objects may be viewed as collections of associated programmed characteristics and interactions that work with other objects.
What is so significant about Object programming?
To fully integrate and operate secure multimedia a richer environment for managing, classifying, integrating and developing abstract logic and physical communications criteria is necessary. For programmers, objects are a way of programming modules of code such that their elements are independent, each element having private capabilities to exchange information and take action with or without other objects that form the body of the code. Objects communicate by private messages. OOP significantly increases programmer productivity by providing pre-built applications that can be refined and reused, instead of writing or rewriting code from scratch. Object code can be designed for self modification, changing qualities " as required on the fly."
Specific computer functions are created as 'objects,' when all the necessary computer code needed to perform independent functions are bundled together. Objects use private data during an independent action or activity. This "object" bundle can be used repeatedly in different programs.  Objects were conceived to model real World systems while maintaining rational and understandable design features through rapid changes.
Objects are often made up of other objects, including themselves. Objects can change character dynamically by inheritance. Objects inherit the attributes of other objects and the inheritance features can change on the fly, during the code operation. Objects can be described as self modifying code.
Advanced CPUs are being designed facilitate more advanced handling of OOPS. Apple and IBM plan to create an open system software based on object-oriented technology. The system will run on major industry hardware platforms, including Intel Corp.'s x86 microprocessor, Motorola Inc.'s 680X0 and IBM's RISC System/6000. Together, they also will develop and market an enhanced AIX combining the best of IBM's open systems with Macintosh. Future computer systems will, in many important ways, ignore the differences between the operating system, the data and the applications. Object oriented operating systems will be the vehicle for true multimedia security because the concept of security objects will be fully integrated into the principals of the hardware to data to information structure.
The idea of object oriented operating systems leads to some very interesting conclusions concerning the abstraction of the term computer. Integration of the concept of operation of objects to the hardware vehicle will require a major paradigm shift in the principals of computation machines. Systems founded on integrated objects will realize improvements in data manipulation and dynamic interchange. Today's concept of computer also involves the concept of location and place. The truly distributed nature of a total integrated object oriented architecture would imply that the term "computer" is everywhere. In the conductivity of the working environment of the future, such object integration would mean that the term "workstation", for instance, would be interpreted to mean "information station." Every computer would then, to varying degrees, be such a an "information station." The personal station at the desk and the computerized soft drink machine down the hall would both share the common attributes of an information station. Since information stations are, by nature of design, readily able to extract, produce and exchange information, there would be little difference in their potential for transaction. The vending machine down the hall could therefore process and use the same information matrix to sell you a soda or a bar of candy as the machine on the desk uses to leverage more productive work . Where the office information station might use multimedia and user knowledge to improve the individual knowledge worker's performance, the vending machine might use knowledge of the individual to present multimedia presentations of products that improve the potential of selection and ultimate gross sales. This is possible if there is no class distinction of object attributes and therefore inhibition of knowledge at the meta level. This illustrates that in practice there must be distinction of classes of information stations. In practice, rather than less, there will be a great number of classes of information stations. At the same time these information stations, by definition will share many object characteristics.
A source of the object oriented inhibition of transactions would be an enforceable necessity. It is obvious that consideration of such a design must begin with a conceptualization of a standard for Security Object Attribute Specification System (SOAS) and Object Security Specification (OSS).
The activities of Apple and IBM will also produce an Object Oriented Operating System that is capable of both requesting services, directly moving data, information and knowledge across applications, platforms and networks. Integrated into this fashion is the idea of the individual workstation providing much more powerful virtual capabilities for users.
Such configurations may become more vulnerable, more sensitive to collisions of data values, data qualities, information authenticity and creditability. Without adequate security, the propagation of error could place such systems in positions similar to those of today's computer virus infestations. Either through accident or design, once released, errors can ripple across communities of systems and embed or incorporate themselves.
Object Oriented Media Encryption (OOME) represents a means of reaching and maintaining a precise organizational INFOSEC model through the combination of trusted security techniques found in COMPUSEC and the mathematical assurance of encryption. The application of an OOME model can provide data integrity, access control, and authentication of directories and files to the individual workstations and workstations on LANs by assigning object oriented attributes to cryptography, which are also attributes of the files.
Object oriented encryption can act as an authenticatable enforcement mechanism for application programs, data separation requirements, information flow control, and states of confidentiality for data files. As an incorporated part of an information object, object oriented encryption can become an hidden method. System decisions to protect information using encryption would not be apparent to users who are communicating or otherwise accessing information stations. Fully integrated object oriented media encryption solutions would encrypt only the information object attributes that are necessary for adequate solution of the system interpretation of protection. the solution factors that comprise such a solution would be both generalized across the global information system and embedded regionally as required as local instance security solutions.
The programming using Object Oriented Programming (OOP) is first and foremost an activity of modeling both the essential organizational and communications processes. The association of communication purpose(s), location(s) and goal(s) are important to Object Oriented Security Enforcement measures.
There are three types of objects that must be considered for designing communications systems using OOP.
The first type, of object (type 1 communication objects) represent an overall and generalized thinking of the organizational communications space. The purpose of these kinds of objects and their associations into a rational model is to provide a generic frame on which to maintain the logic and rationality of explicit organizational communications models. Once created, this set of objects will become a template for application into other organizations.
Examples of the type one communication objects include objects associated with the concepts and interactions of ORGANIZATION, NODE, SENDER and RECEIVER. The terminology is important. There will always be ORGANIZATIONS, NODES, SENDERS and RECEIVERS in the inter and intra organizational communications process.
The second type of object (type 2 communications objects) represents the explicit subset of objects that carry out and express the detail of the cryptographic communications processes. Examples of the type two object representations include APPLICATION, LABEL, KEY, CRYPTOENGINE, PIN and USER. These objects may change rapidly. There could also be many flavors of these more explicit organizational communications objects.
The third type of object (type 3 communications objects) represent the message transmission. The encrypted message object will consist of attributes associated with There are a number of communications attributes that this object will introduce into communications procedures. Among these are attributes associated with the original sender and receiver.
Copyright (c) 2001-2007 RDFollendoreIII All Rights Reserved