Access control enforcement is used within the context of UML to bring the idea to a better understanding of how this process could work in a popularly used application. This is done by using guarded objects that are commonly used in state machine diagrams, which are a type of behavioral diagram. A Guard object of state machines are usually shown with brackets, [ ], and used as a Boolean expression to express how a variable will behave. The guard is looking for the statement to be true before it will release the action of the variable to take place. It can also be used to make the behavior of something act differently when the statement is …show more content…
When cost reduction and business needs are greater for a company, the time and extra cost it takes to consider security during the early stages may out weigh the need for high level security design. If a company decides to place a low level of security on a software, it may not be feasible for them to use security measures that early in the process.
In providing a current issue for system security, [7] describes why software isn 't popular today: "Unfortunately, due to a perceived high cost in personnel training and use, formal methods have not yet been employed very widely in industrial development." Because of the proposal to be designed into the software, it would have to be reconsidered at every stage of the engineering process, from the requirements on down.
Due to the immaturity and imprecision of security specifications, a large part of the strategy in analysis and implementation is lost [7]. The specifications may not be used at all, which puts undue cost on the design team when it looks like the team didn 't need to include the security specifications