Michael VanHilst

In this paper we present a method of code implementation that works in conjunction with collaboration and responsibility based analysis modeling techniques to achieve better code reuse and resilience to change. Our approach maintains a closer mapping from responsibilities in the analysis model to entities in the implementation. In so doing, it leverages the
In previous work we introduced an approach for finding security requirements based on misuse activities (actions). This method starts from the activity diagram of a use case (or a sequence of use cases). Each activity is analyzed to see how it could be subverted to produce a misuse of information. This analysis results in a set of threats. We then consider
An underlying theory is a framework of goals, solutions, and assumptions that guide how we observe situations and define problems. In science, the underlying theories, like particles, waves, relativity, plate tectonics, and evolution, are well known and well understood. In process improvement, the underlying theories are not so well understood. To address
This report summarizes the key goals, vision, and accomplishments of research in HP Laboratories on Assistant and Agent technology for me-centric computing. The primary focus of our work is in the architecture and implementation of intelligent assistants for mobile professionals and me-centric, peer-to-peer computing. We are investigating the possibilities
An important aspect of security requirements is the understanding and listing of the possible threats to the system. Only then can we decide what specific defense mechanisms to use. We show here an approach to list all threats by considering each action in each use case and analyzing how it can be subverted by an internal or external attacker. From this
Parnas' seminal 1972 paper, "On the Criteria To Be Used in Decomposing Systems into Modules," identified simplifying change as a critical criterion for modularizing software. Successful designs are those in which a change can be accommodated by modifying a single module. There is a tacit assumption in most of the literature that once a change has been
A good way to obtain secure systems is to build applications in a systematic way where security is an integral part of the lifecycle. The same applies to reliability. If we want a system which is secure and reliable, both security and reliability must be built together. If we build not only applications but also middleware and operating systems in the same
This paper presents a classification for security patterns that addresses the needs of users. The approach uses a matrix defined by dividing the problem space along multiple dimensions, and allows patterns to occupy regions, defined by multiple cells in the matrix. It supports filtering for narrow or wide pattern selection, allows navigation along related