Page 1391 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1391

actions that can be taken on the object. For example, the account
               object can have methods to add funds, deduct funds, close the account,

               and transfer ownership.

               Objects can also be subclasses of other objects and inherit methods
               from their parent class. For example, the account object may have
               subclasses that correspond to specific types of accounts, such as
               savings, checking, mortgages, and auto loans. The subclasses can use
               all the methods of the parent class and have additional class-specific

               methods. For example, the checking object might have a method called
               write_check(), whereas the other subclasses do not.

               From a security point of view, object-oriented programming provides
               a black-box approach to abstraction. Users need to know the details of
               an object’s interface (generally the inputs, outputs, and actions that
               correspond to each of the object’s methods) but don’t necessarily need
               to know the inner workings of the object to use it effectively. To

               provide the desired characteristics of object-oriented systems, the
               objects are encapsulated (self-contained), and they can be accessed
               only through specific messages (in other words, input). Objects can
               also exhibit the substitution property, which allows different objects
               providing compatible operations to be substituted for each other.

               Here are some common object-oriented programming terms you
               might come across in your work:

               Message A message is a communication to or input of an object.


               Method A method is internal code that defines the actions an object
               performs in response to a message.

               Behavior The results or output exhibited by an object is a behavior.
               Behaviors are the results of a message being processed through a
               method.

               Class A collection of the common methods from a set of objects that
               defines the behavior of those objects is a class.


               Instance Objects are instances of or examples of classes that contain
               their methods.

               Inheritance Inheritance occurs when methods from a class (parent
   1386   1387   1388   1389   1390   1391   1392   1393   1394   1395   1396