A permission system for secure AOP

12 years 2 months ago
A permission system for secure AOP
The integration of third-party aspects into applications creates security challenges. Due to the intrusive impact of aspects, one cannot guarantee that the dynamic composition of aspects does not lead to misbehavior. The newly composed aspect typically has many, if not unrestricted, rights to read and modify attributes of the base system. AspectJ, amongst other AOP systems, suffers from this limitation, which makes the composition of independently developed aspects riskful. We have defined and prototyped a run-time policy enforcement model based on execution history to protect programs from untrusted aspects. The dynamic nature of the approach has the advantage that up to date run-time information allows more accurate decision making. We have built a prototype for AspectJ and illustrate its use in a realistic example. Our evaluation shows that practical use of such a solution is feasible and that run-time overhead can be limited. Categories and Subject Descriptors K.6.5 [Security an...
Wouter De Borger, Bart De Win, Bert Lagaisse, Wout
Added 03 Jul 2010
Updated 03 Jul 2010
Type Conference
Year 2010
Where AOSD
Authors Wouter De Borger, Bart De Win, Bert Lagaisse, Wouter Joosen
Comments (0)