AspectKE*: Security Aspects with Program Analysis for Distributed Systems

Fan Yang, Hidehiko Masuhara, Tomoyuki Aotani, Flemming Nielson, Hanne Riis Nielson

    Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

    231 Downloads (Pure)

    Abstract

    Enforcing security policies to distributed systems is difficult, in particular, when a system contains untrusted components. We designed AspectKE*, a distributed AOP language based on a tuple space, to tackle this issue. In AspectKE*, aspects can enforce access control policies that depend on future behavior of running processes. One of the key language features is the predicates and functions that extract results of static program analysis, which are useful for defining security aspects that have to know about future behavior of a program. AspectKE* also provides a novel variable binding mechanism for pointcuts, so that pointcuts can uniformly specify join points based on both static and dynamic information about the program. Our implementation strategy performs fundamental static analysis at load-time, so as to retain runtime overheads minimal. We implemented a compiler for AspectKE*, and demonstrate usefulness of AspectKE* through a security aspect for a distributed chat system.
    Original languageEnglish
    Title of host publicationProceedings of the 9th Workshop on Aspects, Components, and Patterns for Infrastructure Software (ACP4IS '10)
    EditorsBram Adams, Michael Haupt, Daniel Lohmann
    Number of pages47
    PublisherUniversitätsverlag Potsdam
    Publication date2010
    Pages27-31
    ISBN (Print)978-3-86956-043-4
    Publication statusPublished - 2010
    Event9th Workshop on Aspects, Components, and Patterns for Infrastructure Software (ACP4IS '10) - Rennes, France
    Duration: 1 Jan 2010 → …

    Conference

    Conference9th Workshop on Aspects, Components, and Patterns for Infrastructure Software (ACP4IS '10)
    CityRennes, France
    Period01/01/2010 → …
    SeriesTechnische Berichte des Hasso-Plattner-Instituts für Softwaresystemtechnik an der Universität Potsdam
    Number33

    Keywords

    • Aspect Oriented Programming, Program Analysis, Security Policies, Distributed Systems, Tuple Spaces

    Fingerprint

    Dive into the research topics of 'AspectKE*: Security Aspects with Program Analysis for Distributed Systems'. Together they form a unique fingerprint.

    Cite this