An Aspect-oriented Framework for Systematic Security Hardening of Software
Authors
Abstract
Azzam Mourad, Ph.D. Concordia University, 2008

In this thesis, we address the problems related to the security hardening of open source software. Accordingly, we first propose an aspect-oriented and pattern-based approach for systematic security hardening. It is based on the full separation between the roles and duties of the security experts and the developers performing the hardening. This proposition constitutes a bridge that allows the security experts to provide the best solutions to particular security problems, with the details on why, how and where to apply them. Moreover, it allows the developers to use these solutions to harden open source software without needing a high level of security expertise. We realize the proposed approach by elaborating a programming-independent, aspect-oriented language for security hardening called SHL, developing its corresponding parser, compiler and facilities, and integrating all of them into a framework for software security hardening. We also illustrate the feasibility of the elaborated framework by developing several security hardening case studies that deal with known security requirements and vulnerabilities and applying them on large scale
Similar resources
A High-Level Aspect-Oriented based Language for Software Security Hardening
In this paper, we propose an aspect-oriented language, called SHL (Security Hardening Language), for specifying systematically the security hardening solutions. This language constitutes our new achievement towards developing our security hardening framework. SHL allows the description and specification of security hardening plans and patterns that are used to harden systematically security int...
An Aspect-Oriented Approach for Software Security Hardening: from Design to Implementation
Security plays a predominant role in software engineering. Enforcing security policies should be considered during the early stages of the software development lifecycle to prevent security breaches in the final products. Because of the pervasive nature of security, integrating security solutions at the software design level may result in the scattering and tangling of security concerns through...
Security Hardening UML Profile (SHP): A New Approach to Specify Security Hardening Solutions in UML
Security plays a predominant role in software engineering. Enforcing security policies should be considered during the early stages of the software development lifecycle to prevent security breaches in the final products. Because of the pervasive nature of security, integrating security solutions at the software design level may result in the scattering and tangling of security concerns through...
New aspect-oriented constructs for security hardening concerns
In this paper, we present new pointcuts and primitives to Aspect-Oriented Programming (AOP) languages that are needed for systematic hardening of security concerns. The two proposed pointcuts allow the identification of particular join points in a program's control-flow graph (CFG). The first one is the GAFlow, Closest Guaranteed Ancestor, which returns the closest ancestor join point to the pointcuts of...
Security Evaluation and Hardening of Free and Open Source Software (FOSS)
Recently, Free and Open Source Software (FOSS) has emerged as an alternative to Commercial-Off-The-Shelf (COTS) software. Now, FOSS is perceived as a viable long-term solution that deserves careful consideration because of its potential for significant cost savings, improved reliability, and numerous advantages over proprietary software. However, the secure integration of FOSS in IT infrastruct...