Capturing Returned Computable Values in AspectJ for Security Hardening

Authors:
A. Boukhtouta;D. Alhadidi;M. Debbabi
Affiliations:
Concordia Institute for Information Systems Engineering, Concordia University, Montreal, Quebec, Canada;Concordia Institute for Information Systems Engineering, Concordia University, Montreal, Quebec, Canada;Concordia Institute for Information Systems Engineering, Concordia University, Montreal, Quebec, Canada
Venue:
Information Security Journal: A Global Perspective
Year:
2009

Citing 7
Cited 0

Using aspectC to improve the modularity of path-specific customization in operating system code

Proceedings of the 8th European software engineering conference held jointly with 9th ACM SIGSOFT international symposium on Foundations of software engineering
An Overview of AspectJ

ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
On Weaving Aspects

Proceedings of the Workshop on Object-Oriented Technology
Security Through Aspect-Oriented Programming

Proceedings of the IFIP TC11 WG11.4 First Annual Working Conference on Network Security: Advances in Network and Distributed Systems Security
Remote pointcut: a language construct for distributed AOP

Proceedings of the 3rd international conference on Aspect-oriented software development
Applying aspect oriented programming to distributed storage metadata management

Proceedings of the 2nd workshop on Best practices in applying aspect-oriented software development
Security crosscutting concerns and AspectJ

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services

Quantified Score

Hi-index	0.00

Visualization

Abstract

The main contribution of this paper is to present an extension to AspectJ compiler ajc-1.5.0 for security hardening. The extension consists of two pointcuts that can capture the returned computable values of methods in both the execution scope and following a method invocation. The returned values in programs are the results of operations done in the execution scope of methods. They are significant for the intra-and inter-procedural dataflow analysis where they represent the context transitivity between the caller and the called methods in a given program. Any misuse of them can allow the reflection of important data and the disclosure of secret information. Moreover, any alteration of these values can violate the integrity of programs and conduct to their misbehavior. In this paper, we detail the design and the implementation of these two pointcuts. Finally, we present a case study to demonstrate how the data integrity property can be satisfied in distributed systems using the newly implemented pointcuts.