Security through aspect-oriented programming

被引：0

作者：

De Win, B ^{[1
]}

Vanhaute, B ^{[1
]}

De Decker, B ^{[1
]}

机构：

[1] Katholieke Univ Leuven, Dept Comp Sci, B-3001 Heverlee, Belgium

来源：

ADVANCES IN NETWORK AND DISTRIBUTED SYSTEMS SECURITY | 2001年 / 78卷

关键词：

aspect-oriented programming; security; separation of concerns;

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Since many applications are. too complex to be solved ad hoc, mechanisms are being developed to deal with different concerns separately. An interesting case of this separation is security. The implementation of security mechanisms often interacts or even interferes with the core functionality of the application. This results in tangled, unmanageable code with a higher risk of security bugs. Aspect-oriented programming promises to tackle this problem by offering several abstractions that help to reason about and specify the concerns one at a time, In this paper we make use of this approach to introduce security into an application. By means of the example of access control, we investigate how well the state of the art in aspect-oriented programming can deal with the separation of security from an application. We also discuss the. benefits and drawbacks of this approach, and how it relates to similar techniques.

引用

页码：125 / 138

页数：14

共 50 条

[31] An aspect-oriented approach for the systematic security hardening of code
Mourad, Azzam
Laverdiere, Marc-Andre
Debbabi, Mourad
COMPUTERS & SECURITY, 2008, 27 (3-4) : 101 - 114
[32] New aspect-oriented constructs for security hardening concerns
Mourad, Azzam
Soeanu, Andrei
Laverdiere, Marc-Andre
Debbabi, Mourad
COMPUTERS & SECURITY, 2009, 28 (06) : 341 - 358
[33] CIVD: detection of command injection vulnerabilities in web services through aspect-oriented programming
Shanmughaneethi, V.
Praveen, Ra. Yagna
Swamynathan, S.
INTERNATIONAL JOURNAL OF COMPUTER APPLICATIONS IN TECHNOLOGY, 2012, 44 (04) : 312 - 320
[34] Implementing and Testing Producer-Consumer Problem Using Aspect-Oriented Programming
Zhang, Yang
Zhang, Jingjun
Zhang, Dongwen
FIFTH INTERNATIONAL CONFERENCE ON INFORMATION ASSURANCE AND SECURITY, VOL 2, PROCEEDINGS, 2009, : 749 - +
[35] Dynamic invocation of Web services by using aspect-oriented programming
Reséndiz, MP
Aguirre, JOO
2005 2ND INTERNATIONAL CONFERENCE ON ELECTRICAL & ELECTRONICS ENGINEERING (ICEEE), 2005, : 48 - 51
[36] Implementing aspect-oriented programming constructs as modular language extensions
Van Wyk, Eric
SCIENCE OF COMPUTER PROGRAMMING, 2007, 68 (01) : 38 - 61
[37] Facilitating software extension with design patterns and Aspect-Oriented Programming
Kouskouras, Konstantinos G.
Chatzigeorgiou, Alexander
Stephanides, George
JOURNAL OF SYSTEMS AND SOFTWARE, 2008, 81 (10) : 1725 - 1737
[38] A state-based testing approach for aspect-oriented programming
Liu, Chien-Hung
Chang, Chuan-Wen
JOURNAL OF INFORMATION SCIENCE AND ENGINEERING, 2008, 24 (01) : 11 - 31
[39] Augmentation of BPEL with New Functions using Aspect-Oriented Programming
Kwak, Donggyu
Choi, Jaeyoung
Lee, Myungho
2012 IEEE 14TH INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING AND COMMUNICATIONS & 2012 IEEE 9TH INTERNATIONAL CONFERENCE ON EMBEDDED SOFTWARE AND SYSTEMS (HPCC-ICESS), 2012, : 941 - 946
[40] A semantics for advice and dynamic join points in aspect-oriented programming
Wand, M
Kiczales, G
Dutchyn, C
ACM TRANSACTIONS ON PROGRAMMING LANGUAGES AND SYSTEMS, 2004, 26 (05): : 890 - 910

← 1 2 3 4 5 →