Title :
Towards an Aspect Oriented Approach for the Security Hardening of Code
Author :
Mourad, Azzam ; Laverdiére, Marc-André ; Debbabi, Mourad
Author_Institution :
Comput. Security Lab., Concordia Univ., Montreal, QC
Abstract :
In this paper, we present an approach revolving around aspect-oriented software development (AOSD) for the systematic security hardening of source code. It provides an abstraction over the actions required to improve the security of the program. Security architects can specify high level security hardening plans that leverages a priori defined security hardening patterns. These patterns describe the steps and actions required for hardening, including detailed information on how and where to inject the security code. We show the viability and relevance of our approach by: (1) Elaborating security hardening patterns and plans to common security hardening practices, (2) realizing these patterns by implementing them into aspect oriented languages, (3) applying them to secure applications, (4) testing the hardened applications.
Keywords :
object-oriented programming; security of data; software engineering; aspect oriented languages; aspect-oriented software development; code security hardening; program security; security hardening patterns; source code; Application software; Computer security; Information security; Information systems; Laboratories; Open source software; Programming; Proposals; Systems engineering and theory; Testing;
Conference_Titel :
Advanced Information Networking and Applications Workshops, 2007, AINAW '07. 21st International Conference on
Conference_Location :
Niagara Falls, Ont.
Print_ISBN :
978-0-7695-2847-2
DOI :
10.1109/AINAW.2007.355
