Title :
An aspect-oriented security framework
Author :
Shah, Viren ; Hill, Frank
Abstract :
The security of a software system is an attribute that permeates the whole system. As such, any attempt to address security concerns in a software system must, of necessity, be global in nature, and security solutions must be applied consistently at every relevant location. One way of achieving these objectives is by separating out security concerns from the rest of the application issues, such that they can be addressed independently and applied globally. A methodology that would encompass these two high-level goals: separation of security concerns and consistent implementation of security solutions, would pave the road towards secure applications. To implement such a methodology, we chose to use the aspect-oriented programming (AOP) paradigm. AOP is a relatively new programming model that enables the separation of cross-cutting concerns while remaining easy to use and integrating well with the development process. We describe a framework, based on the AOP model, for implementing security solutions in a globally consistent manner such that security concerns are modularized.
Keywords :
object-oriented programming; security of data; AOP model; application issues; aspect-oriented programming paradigm; aspect-oriented security framework; high-level goals; programming model; security concerns; security solutions; separation of concerns; software system security; Application software; Communication system security; Computer industry; Defense industry; Government; Information security; Military communication; Mission critical systems; Object oriented modeling; Software systems;
Conference_Titel :
DARPA Information Survivability Conference and Exposition, 2003. Proceedings
Print_ISBN :
0-7695-1897-4
DOI :
10.1109/DISCEX.2003.1194952
