Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
AOSD
2010
ACM
2010
ACM
A permission system for secure AOP
The integration of third-party aspects into applications creates security challenges. Due to the intrusive impact of aspects, one cannot guarantee that the dynamic composition of aspects does not lead to misbehavior. The newly composed aspect typically has many, if not unrestricted, rights to read and modify attributes of the base system. AspectJ, amongst other AOP systems, suffers from this limitation, which makes the composition of independently developed aspects riskful. We have defined and prototyped a run-time policy enforcement model based on execution history to protect programs from untrusted aspects. The dynamic nature of the approach has the advantage that up to date run-time information allows more accurate decision making. We have built a prototype for AspectJ and illustrate its use in a realistic example. Our evaluation shows that practical use of such a solution is feasible and that run-time overhead can be limited. Categories and Subject Descriptors K.6.5 [Security an...
Real-time TrafficAOSD 2010 | Applications Creates Security | Execution History | Run-time Policy Enforcement | Software Engineering |
Related Content
| Added | 03 Jul 2010 |
| Updated | 03 Jul 2010 |
| Type | Conference |
| Year | 2010 |
| Where | AOSD |
| Authors | Wouter De Borger, Bart De Win, Bert Lagaisse, Wouter Joosen |
Comments (0)
Researcher Info
|
