Copy the page URI to the clipboard
Laney, Robin C.; van der Linden, Janet and Thomas, Pete (2003). Evolving Legacy System Security Concerns Using Aspects. Technical Report 2003/13; Department of Computing, The Open University.
DOI: https://doi.org/10.21954/ou.ro.00016007
Abstract
This paper shows how aspects can be successfully employed in the support of system evolution. The context is a case study on migrating a legacy client-server application to overcome the security problems associated with 'message tampering' attacks. The focus is on authorization issues in which aspects are used to add a security mechanism based on digital signatures.The approach provides for future evolution of the system. In particular, it is shown how factoring of aspectual concerns allows the scope of the security boundary to be varied, illustrating reuse of the aspects.Whilst the aspects are added non-intrusively, it is demonstrated how aspects can modify the control-flow behaviour of a server. An extension to AspectJ's exception mechanism that conforms to design by contract is proposed to facilitate this form of aspect.