Security for Distributed Web-Applications via Aspect-Oriented Programming
نویسندگان
چکیده
Identity Management is becoming more and more important in business systems as they are opened for third parties including trading partners, consumers and suppliers. This paper presents an approach securing a system without any knowledge of the system source code. The security module adds to the existing system authentication and authorisation based on aspect oriented programming and the liberty alliance framework, an upcoming industrie standard providing single sign on. In an initial training phase the module is adapted to the application which is to be secured. Moreover the use of hardware tokens and proactive computing is demonstrated. The high modularisation is achived through use of AspectJ, a programming language extension of Java.
منابع مشابه
Security for Distributed Web-Services via Aspect-Oriented Programming
Identity Management is becoming more and more important in business systems as they are opened for third parties including trading partners, consumers and suppliers. This paper presents an approach securing a system without any knowledge of the system source code. The security module adds to the existing system authentication and authorisation based on aspect oriented programming and the libert...
متن کاملProtection of Web Applications Using Aspect Oriented Programming and Performance Evaluation
Web application security is a critical issue. Security concerns are often scattered through different parts of the system. Aspect oriented programming is a programming paradigm that provides explicit mechanisms to modularize these concerns. In this paper we present an Aspect Oriented system for detecting and prevent common attacks in web applications like Cross Site Scripting (XSS) and SQL Inje...
متن کاملEliminating SQL Injection and Cross Site Scripting Using Aspect Oriented Programming
Security vulnerabilities in the web applications that we use to shop, bank, and socialize online expose us to exploits that cost billions of dollars each year. This paper describes the design and implementation of AspectShield, a system designed to mitigate the most common web application vulnerabilities without requiring costly and potentially dangerous modifications to the source code of vuln...
متن کاملAspect-Oriented Programming with C# and .NET
Almost a year ago, Microsoft has introduced the .NET architecture as a new component-based programming environment, which allows for easy integration of classical distributed programming techniques with Web computing. .NET defines a type system and introduces notions such as component, object, and interface, which are building blocks for distributed multi-language component-based applications. ...
متن کاملDynamic Aspect-Oriented Security Policy Enforcement
There are many approaches to utilizing aspect-oriented (AO) languages and techniques for the purpose of introducing security into applications. The cross-cutting nature of security has been well documented and therefore the benefit of implementing security using AO techniques logically follows. Authentication, authorization, auditing, logging, etc. are obvious activities that can easily be intr...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/cs/0507071 شماره
صفحات -
تاریخ انتشار 2005