Evolution of aspects for legacy system security concerns

Laney, Robin C.; van der Linden, Janet and Thomas, Pete (2004). Evolution of aspects for legacy system security concerns. In: AOSD'04 International Conference on Aspect-Oriented Software Development, 22-26 Mar 2004, Lancaster, UK.

URL: http://www.cs.kuleuven.ac.be/~distrinet/events/aos...


This paper shows how aspects can be successfully employed in the support of system evolution. The context is a case study on migrating a legacy client-server application to overcome the security problems associated with 'message tampering' attacks. The focus is on authorization issues in which aspects are used to add a security mechanism based on digital signatures. The approach provides for future evolution of the system. In particular, it is shown how factoring of aspectual concerns allows the scope of the security boundary to be varied, illustrating reuse of the aspects.
Whilst the aspects are added non-intrusively, it is demonstrated how aspects can modify the control-flow behaviour of a server. We propose a programming idiom that conforms to Design by Contract.

Viewing alternatives

No digital document available to download for this item

Item Actions