New Primitives to AOP Weaving Capabilities for Security Hardening Concerns
نویسندگان
چکیده
In this paper, we present two new primitives to Aspect-Oriented Programming (AOP) languages that are needed for systematic hardening of security concerns. These primitives are called exportParameter and importParameter and are used to pass parameters between two pointcuts. They allow to analyze a program’s call graph in order to determine how to change function signatures for the passing of parameters associated with a given security hardening. We find this feature necessary in order to implement security hardening solutions that are infeasible or impractical using the current AOP proposals. Moreover, we show the viability and correctness of our proposed primitives by elaborating their algorithms and presenting experimental results.
منابع مشابه
New aspect-oriented constructs for security hardening concerns
In this paper, we present new pointcuts and primitives to Aspect-Oriented Programming (AOP) languages that are needed for systematic hardening of security concerns. The two proposed pointcuts allow to identify particular join points in a program’s control-flow graph (CFG). The first one is the GAFlow, Closest Guaranteed Ancestor, which returns the closest ancestor join point to the pointcuts of...
متن کاملModularization of Enterprise Application Security Through Spring AOP
The goal of the paper is to present that Aspect Oriented Programming AspectJ integrated with Spring AOP provides very powerful mechanisms for modularizing enterprise security cross-cutting concerns. Aspect-oriented programming (AOP) allows weaving a security aspect into an application providing additional security functionality or introducing completely new security mechanisms.Spring’s proxy-ba...
متن کاملControl Flow Based Pointcuts for Security Hardening Concerns
In this paper, we present two new control flow based pointcuts to Aspect-Oriented Programming (AOP) languages that are needed for systematic hardening of security concerns. They allow to identify particular join points in a program’s control flow graph (CFG). The first proposed primitive is the GAFlow, the closest guaranteed ancestor, which returns the closest ancestor join point to the pointcu...
متن کاملAspect-Oriented Programming Runtime-Enforcement of Temporal Properties in Security-Critical Software
The Aspect-Oriented Programming paradigm has been advocated for modularisation of cross-cutting concerns in large systems. Various applications of this approach have been explored in the literature, one of which is that of runtime-verification based on assertions or temporal properties. Manually weaving temporal properties to ensure correct execution into a large code base is difficult to achie...
متن کاملStronger Enforcement of Security Using AOP and Spring AOP
An application security has two primary goals: first, it is intended to prevent unauthorised personnel from accessing information at higher classification than their authorisation. Second, it is intended to prevent personnel from declassifying information. Using an object oriented approach to implementing application security results not only with the problem of code scattering and code tanglin...
متن کامل