Evolving Legacy System Security Concerns Using Aspects

نویسندگان

Robin C. Laney

Janet van der Linden

Pete Thomas

چکیده

This paper shows how aspects can be successfully employed in the support of system evolution. The context is a case study on migrating a legacy client-server application to overcome the security problems associated with ‘message tampering’ attacks. The focus is on authorization issues in which aspects are used to add a security mechanism based on digital signatures. The approach provides for future evolution of the system. In particular, it is shown how factoring of aspectual concerns allows the scope of the security boundary to be varied, illustrating reuse of the aspects. Whilst the aspects are added non-intrusively, it i s demonstrated how aspects can modify the control-flow behaviour of a server. An extension to AspectJ’s exception mechanism that conforms to design by contract is proposed to facilitate this form of aspect.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Evolution of Aspects for Legacy System Security Concerns

متن کامل

Security Analysis in the Migration to Cloud Environments

Cloud computing is a new paradigm that combines several computing concepts and technologies of the Internet creating a platform for more agile and cost-effective business applications and IT infrastructure. The adoption of Cloud computing has been increasing for some time and the maturity of the market is steadily growing. Security is the question most consistently raised as consumers look to m...

متن کامل

On the importance of the separation-of-concerns principle in secure software engineering

The separation-of-concerns principle is one of the essential principles in software engineering. It says that software should be decomposed in such a way that different “concerns” or aspects of the problem at hand are solved in well-separated modules or parts of the software. Yet, many security experts feel uneasy about trying to isolate security-related concerns, because security is such a per...

متن کامل

A Study of Cohesion Metrics for Aspect- Oriented Systems

Aspect-oriented is new programming approach to develop software. There are various existing approaches like modular and objectoriented but these approaches suffer from limitation in properly separating crosscutting concerns. Examples of cross cutting concerns are caching, tracing, logging, security, resource pooling, synchronization, exception handling etc. Code related to these concerns is gen...

متن کامل