A simple security–Aware MOP for Java

Caromel, Denis; Huet, Fabrice; Vayssière, Julien

doi:10.1007/3-540-45429-2_9

Cited by 4 publications

(2 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This paper builds upon our own previous work [6,7] and other authors' work on reflective security [8,9,10,11,12,13,14], aspect-oriented security [15,16] and general approaches to implementing non-functional concerns using aspects [17,18].…”

Section: Introductionmentioning

confidence: 83%

“…Although we achieved the aim of a clear separation of concerns, a drawback of our approach was that the meta level required the same permissions as the base level. Other researchers have proposed an approach that maintains the principle of least privilege and therefore does not require the meta level to have the same permissions as the base level [13,14]. This is not an issue for this paper as we do not apply the standard Java security architecture.…”

Section: Reflective Securitymentioning

confidence: 99%

See 1 more Smart Citation

Re-engineering Security as a Crosscutting Concern

Welch¹,

Stroud²

2003

The Computer Journal

View full text Add to dashboard Cite

We have re-engineered a third-party application using a reflective security architecture that allows security to be treated as a crosscutting concern. This has resulted in a considerable reduction in tangling between application code and security code. Prior to the re-engineering, the application was secured using a conventional approach based upon the application of inheritance and the proxy pattern, and we are thus able to compare both approaches. Our experience highlights some general points that are applicable to any attempt to engineer security using advanced separation of concerns technology and some possible improvements to Kava, used to implement the crosscutting concerns.

show abstract

Section: Introductionmentioning

confidence: 83%

Section: Reflective Securitymentioning

confidence: 99%

Re-engineering Security as a Crosscutting Concern

Welch¹,

Stroud²

2003

The Computer Journal

View full text Add to dashboard Cite

show abstract

A security framework for reflective Java applications

Caromel

Vayssière

2003

Softw Pract Exp

View full text Add to dashboard Cite

The advent of component‐based reflective applications raises the issue of protecting baselevel components from the actions performed by metalevel components. However, by their very nature, reflective applications are far more difficult to secure than non‐reflective applications, which certainly explains why the problem has received very little attention so far. In this paper we present a security framework for enforcing access control between metalevel components and the baselevel components they reflect on. Rather than designing a new security architecture from scratch, we extend the standard security architecture of Java to provide security for a fully‐functional proxy‐based MOP for Java. We implement a number of well‐known meta‐level behaviors and study their security requirements, the results of which support our design choices. Copyright © 2003 John Wiley & Sons, Ltd.

show abstract

Designing a Secure Programming Language

Austin

2010

Handbook of Information and Communication Security

View full text Add to dashboard Cite

A simple security–Aware MOP for Java

Cited by 4 publications

References 6 publications

Re-engineering Security as a Crosscutting Concern

Re-engineering Security as a Crosscutting Concern

A security framework for reflective Java applications

Designing a Secure Programming Language

Contact Info

Product

Resources

About