Oviedo, Carlos.

This work discusses and compares two different approaches that design and implement a requirement for security in an application. The construction process followed for the security features determines how easily further changes can be accommodated, after the application has been built. How the problem is decomposed into modules, and when, determines if a solution or parts from the solution will be reusable without modification in the same application after changes have been made to address a new or altered requirement. Two construction perspectives are analyzed. In the first perspective, security features are embedded within the application design. In the second approach, the security design is separated from the rest of the application. For this latter implementation, an aspect oriented approach is used. The analysis performed shows that how the problem is decomposed leads to different designs, which present different levels of challenge for the application's future evolution. If a more adaptable solution can be designed and implemented, then the application will be more flexible to accommodate new changes and, as a consequence, be more reusable.