Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Enforcing trace properties by program transformation
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
ACM Transactions on Information and System Security (TISSEC)
A Framework for the Detection and Resolution of Aspect Interactions
GPCE '02 Proceedings of the 1st ACM SIGPLAN/SIGSOFT conference on Generative Programming and Component Engineering
ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Composition, reuse and interaction analysis of stateful aspects
Proceedings of the 3rd international conference on Aspect-oriented software development
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Computability classes for enforcement mechanisms
ACM Transactions on Programming Languages and Systems (TOPLAS)
Certified In-lined Reference Monitoring on .NET
Proceedings of the 2006 workshop on Programming languages and analysis for security
Foundations of incremental aspect model-checking
ACM Transactions on Software Engineering and Methodology (TOSEM)
Making trace monitors feasible
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
AspectML: A polymorphic aspect-oriented functional programming language
ACM Transactions on Programming Languages and Systems (TOPLAS)
Aspect-oriented in-lined reference monitors
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Racer: effective race detection using aspectj
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
Finding programming errors earlier by evaluating runtime monitors ahead-of-time
Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering
Proceedings of the 8th ACM international conference on Aspect-oriented software development
Enforcing IRM security policies: two case studies
ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
ESOP'07 Proceedings of the 16th European conference on Programming
A compilation and optimization model for aspect-oriented programs
CC'03 Proceedings of the 12th international conference on Compiler construction
ActionScript in-lined reference monitoring in prolog
PADL'10 Proceedings of the 12th international conference on Practical Aspects of Declarative Languages
Model-checking in-lined reference monitors
VMCAI'10 Proceedings of the 11th international conference on Verification, Model Checking, and Abstract Interpretation
Java-MOP: a monitoring oriented programming environment for java
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Flexible in-lined reference monitor certification: challenges and future directions
Proceedings of the 5th ACM workshop on Programming languages meets program verification
Aspect-Oriented runtime monitor certification
TACAS'12 Proceedings of the 18th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Cloud-Centric assured information sharing
PAISI'12 Proceedings of the 2012 Pacific Asia conference on Intelligence and Security Informatics
| Hi-index | 0.00 |
Many software security policies can be encoded as aspects that identify and guard security-relevant program operations. Bugs in these aspectually-implemented security policies often manifest as ambiguities in which aspects provide conflicting advice for a shared join point. The design and implementation of a detection algorithm for such ambiguities is presented and evaluated. The algorithm reduces advice conflict detection to a combination of boolean satisfiability, linear programming, and regular language non-emptiness. Case studies demonstrate that the analysis is useful for debugging aspect-oriented security policies for several existing aspectual security systems.