AspectKE*: Security aspects with program analysis for distributed systems

  • Enforcing security policies to distributed systems is difficult, in particular, when a system contains untrusted components. We designed AspectKE*, a distributed AOP language based on a tuple space, to tackle this issue. In AspectKE*, aspects can enforce access control policies that depend on future behavior of running processes. One of the key language features is the predicates and functions that extract results of static program analysis, which are useful for defining security aspects that have to know about future behavior of a program. AspectKE* also provides a novel variable binding mechanism for pointcuts, so that pointcuts can uniformly specify join points based on both static and dynamic information about the program. Our implementation strategy performs fundamental static analysis at load-time, so as to retain runtime overheads minimal. We implemented a compiler for AspectKE*, and demonstrate usefulness of AspectKE* through a security aspect for a distributed chat system.

Download full text files

Export metadata

Additional Services

Search Google Scholar Statistics
Metadaten
Author details:Yang Fan, Hidehiko Masuhara, Tomoyuki Aotani, Flemming Nielson, Hanne Riis Nielson
URN:urn:nbn:de:kobv:517-opus-41369
Publication type:Conference Proceeding
Language:English
Publication year:2010
Publishing institution:Universität Potsdam
Release date:2010/02/26
Tag:aspect oriented programming; distributed systems; program analysis; security policies; tuple spaces
Source:Proceedings of the 9th Workshop on Aspects, Components, and Patterns for Infrastructure Software (ACP4IS '10) / Bram Adams, Michael Haupt, Daniel Lohmann (Hrsg.). - Potsdam : Universitätsverlag Potsdam, 2010. - ISBN 978-3-86956-043-4. - S. 27 - 31
Organizational units:An-Institute / Hasso-Plattner-Institut für Digital Engineering gGmbH
CCS classification:D. Software / D.3 PROGRAMMING LANGUAGES / D.3.3 Language Constructs and Features (E.2)
D. Software / D.4 OPERATING SYSTEMS (C) / D.4.6 Security and Protection (K.6.5)
F. Theory of Computation / F.3 LOGICS AND MEANINGS OF PROGRAMS / F.3.2 Semantics of Programming Languages (D.3.1)
DDC classification:0 Informatik, Informationswissenschaft, allgemeine Werke / 00 Informatik, Wissen, Systeme / 004 Datenverarbeitung; Informatik
Collection(s):Universität Potsdam / Tagungsbände/Proceedings (nicht fortlaufend) / Proceedings of the 9th Workshop on Aspects, Components, and Patterns for Infrastructure Software (ACP4IS \'10) / Session 2: Scanners and Sensors for Components and Codeof OS
License (German):License LogoKeine öffentliche Lizenz: Unter Urheberrechtsschutz
Accept ✔
This website uses technically necessary session cookies. By continuing to use the website, you agree to this. You can find our privacy policy here.