Session 2: Scanners and Sensors for Components and Codeof OS
Refine
Has Fulltext
- yes (2)
Year of publication
- 2010 (2)
Document Type
Language
- English (2)
Is part of the Bibliography
- no (2)
Keywords
- VIL (1)
- aspect oriented programming (1)
- aspectualization (1)
- crosscutting wrappers (1)
- distributed systems (1)
- program analysis (1)
- security policies (1)
- tuple spaces (1)
- views (1)
Institute
Enforcing security policies to distributed systems is difficult, in particular, when a system contains untrusted components. We designed AspectKE*, a distributed AOP language based on a tuple space, to tackle this issue. In AspectKE*, aspects can enforce access control policies that depend on future behavior of running processes. One of the key language features is the predicates and functions that extract results of static program analysis, which are useful for defining security aspects that have to know about future behavior of a program. AspectKE* also provides a novel variable binding mechanism for pointcuts, so that pointcuts can uniformly specify join points based on both static and dynamic information about the program. Our implementation strategy performs fundamental static analysis at load-time, so as to retain runtime overheads minimal. We implemented a compiler for AspectKE*, and demonstrate usefulness of AspectKE* through a security aspect for a distributed chat system.
Component based software development (CBSD) and aspectoriented software development (AOSD) are two complementary approaches. However, existing proposals for integrating aspects into component models are direct transposition of object-oriented AOSD techniques to components. In this article, we propose a new approach based on views. Our proposal introduces crosscutting components quite naturally and can be integrated into different component models.