Abstract. The objective of this research is to develop techniques that integrate alternative security concerns (e.g., mandatory access control, delegation, authentication, etc.) into the software process. The resulting model-driven framework preserves separation of security concerns from modeling through implementation, and allows security personnel to pick and choose security concerns to concerns promotes security assurance, and should result in a reduction of the security defects in the final system. To achieve separation of concerns at the modeling level, concern-specific languages are defined to capture alternative security concerns. At the implementation level, aspectoriented programming is used to integrate security concerns into an application's code, while preserving modularity. This composition seamlessly combines the chosen security concerns to realize an application's security infrastructure.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.