Name
Abstract | ||
|---|---|---|
The main contribution of this paper is to present an extension to AspectJ compiler ajc-1.5.0 for security hardening. The extension consists of two pointcuts that can capture the returned computable values of methods in both the execution scope and following a method invocation. The returned values in programs are the results of operations done in the execution scope of methods. They are significant for the intra-and inter-procedural dataflow analysis where they represent the context transitivity between the caller and the called methods in a given program. Any misuse of them can allow the reflection of important data and the disclosure of secret information. Moreover, any alteration of these values can violate the integrity of programs and conduct to their misbehavior. In this paper, we detail the design and the implementation of these two pointcuts. Finally, we present a case study to demonstrate how the data integrity property can be satisfied in distributed systems using the newly implemented pointcuts. |
Year | DOI | Venue |
|---|---|---|
2009 | 10.1080/19393550902791432 | Information Security Journal: A Global Perspective |
Keywords | Field | DocType |
computable value,main contribution,security hardening,method invocation,important data,capturing returned computable values,intra-and inter-procedural dataflow analysis,context transitivity,data integrity property,compiler ajc-1,case study,execution scope,data integrity,satisfiability,aspect oriented programming,distributed system | Programming language,Aspect-oriented programming,Computer science,Computer security,Compiler,Data integrity,Dataflow,AspectJ,Transitive relation | Journal |
Volume | Issue | ISSN |
18 | 2 | 1939-3555 |
Citations | PageRank | References |
0 | 0.34 | 7 |
Authors | ||
3 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| A. Boukhtouta | 1 | 0 | 0.34 |
| D. Alhadidi | 2 | 6 | 1.14 |
| M. Debbabi | 3 | 60 | 6.48 |