Aspectizing Java Access Control

Cómo citar
Cómo citar

Aspectizing Java Access Control

Título: Aspectizing Java Access Control
Autor: Toledo, Rodolfo; Núñez, Angel; Tanter, Éric Pierre; Noyé, Jacques
Resumen: It is inevitable that some concerns crosscut a sizeable application, resulting in code scattering and tangling. This issue is particularly severe for security-related concerns: It is difficult to be confident about the security of an application when the implementation of its security-related concerns is scattered all over the code and tangled with other concerns, making global reasoning about security precarious. In this study, we consider the case of access control in Java, which turns out to be a crosscutting concern with a nonmodular implementation based on runtime stack inspection. We describe the process of modularizing access control in Java by means of Aspect-Oriented Programming (AOP). We first show a solution based on AspectJ, the most popular aspect-oriented extension to Java, that must rely on a separate automata infrastructure. We then put forward a novel solution via dynamic deployment of aspects and scoping strategies. Both solutions, apart from providing a modular specification of access control, make it possible to easily express other useful policies such as the Chinese wall policy. However, relying on expressive scope control results in a compact implementation, which, at the same time, permits the straightforward expression of even more interesting policies. These new modular implementations allowed by AOP alleviate maintenance and evolution issues produced by the crosscutting nature of access control.
Descripción: Artículo de publicación ISI
Fecha: 2012-02
Cita del item: IEEE TRANSACTIONS ON SOFTWARE ENGINEERING Volume: 38 Issue: 1 Pages: 101-117 Published: JAN-FEB 2012

Archivos vinculados

Formato: Nombre: Tamaño: Descripción: Ver
Abrir / Descargar

El ítem tiene asociados los siguientes archivos de licencia:

Este ítem aparece en la(s) siguiente(s) colección(ones)