Modularization of Enterprise Application Security Through Spring AOP
نویسندگان
چکیده
The goal of the paper is to present that Aspect Oriented Programming AspectJ integrated with Spring AOP provides very powerful mechanisms for modularizing enterprise security cross-cutting concerns. Aspect-oriented programming (AOP) allows weaving a security aspect into an application providing additional security functionality or introducing completely new security mechanisms.Spring’s proxy-based AOP framework is well suited for handling many generic middleware and application-specific problems. The most important part of the Spring/AspectJ integration allows Spring to configure AspectJ aspects using Dependency Injection. This brings similar benefits to aspects as to objects. Also Spring has ability to provide AspectJ pointcut expressions to be used in Spring XML or other bean definition files, to target Spring advice. This will allow some of the power of the AspectJ pointcut model to be applied to Spring’s proxy-based AOP framework. Implementation of security with AOP is a flexible method to develop separated, extensible and reusable pieces of code called aspects. In this inquisitive study, we bring some insight about the usage of powerful technology for developing secure enterprise applications.
منابع مشابه
Stronger Enforcement of Security Using AOP and Spring AOP
An application security has two primary goals: first, it is intended to prevent unauthorised personnel from accessing information at higher classification than their authorisation. Second, it is intended to prevent personnel from declassifying information. Using an object oriented approach to implementing application security results not only with the problem of code scattering and code tanglin...
متن کاملA Catalog of Aspect Refactorings for Spring/AOP
The importance of enterprise applications in current organizations makes it necessary to facilitate their maintenance and evolution along their life. These kind of systems are very complex and they have several requirements that orthogonally crosscut the system structure (called crosscutting concerns). Since many of the enterprise systems are developed with the Spring framework, can be taken ad...
متن کاملEliminating SQL Injection and Cross Site Scripting Using Aspect Oriented Programming
Security vulnerabilities in the web applications that we use to shop, bank, and socialize online expose us to exploits that cost billions of dollars each year. This paper describes the design and implementation of AspectShield, a system designed to mitigate the most common web application vulnerabilities without requiring costly and potentially dangerous modifications to the source code of vuln...
متن کاملStudies of Enterprises' Modularization Decomposition
"Modularity" theory has been widely applied in product design and manufacturing, system development etc., meanwhile the notion of "modularity" has been infiltrating into researches and practicalities of current enterprises theories, industrial economy as well as enterprises strategies. Thus, the concept of "modularity" is a hot topic among experts of products design engineering, economist and o...
متن کاملUsing Aspect Programming to Secure Web Applications
—As the Internet users increase, the need to protect web servers from malicious users has become a priority in many organizations and companies. Writing crosscutting functions in complex software should take advantage of the modularity offered by new software development approaches. With AspectOriented Programming (AOP), separating concerns when designing an application fosters reuse, paramete...
متن کامل