An Aspect-Oriented Security Assurance Solution

Abstract

Current tools and techniques to address security issues in a structured, comprehensive manner are sadly lacking. The most common method of addressing security flaws in software systems is the penetrate-and-patch" approach. This project examined the viability of using the aspect-oriented programming paradigm to address security issues. A flexible framework based on this paradigm, and several security aspects were developed demonstrating this approach. Aspects developed ranged from ones that addressed the most common causes of security exploits, such as buffer overruns, race conditions and format strings, to higher-level and more complex issues such as type safety and event ordering.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Oct 01, 2003
Accession Number
ADA419305

Entities

People

  • Viren Shah

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Addressing
  • Air Force Research Laboratories
  • Computer Programming
  • Computer Programs
  • Computers
  • Language
  • Macroprogramming
  • Notation
  • Object Oriented Programming
  • Operating Systems
  • Programming Languages
  • Security
  • Software Development
  • Standards

Fields of Study

  • Computer science
  • Engineering

Readers

  • Cybersecurity.
  • Software Engineering.
  • Systems Analysis and Design