Login | Register

An aspect oriented approach for security hardening : semantic foundations

Title:

An aspect oriented approach for security hardening : semantic foundations

Belblidia, Nadia (2008) An aspect oriented approach for security hardening : semantic foundations. PhD thesis, Concordia University.

[thumbnail of NR63356.pdf]
Preview
Text (application/pdf)
NR63356.pdf - Accepted Version
9MB

Abstract

Computer security is nowadays a very important field in computer science and security hardening of applications becomes of paramount importance. Aspect oriented programming (AOP) is a relatively new technology that allows separation of concerns such as security, synchronization, logging, etc. This increases the readability, understandability, maintainability, and security of software systems. Furthermore, AOP allows automatic injection of the crosscutting concerns into the application code using a weaving mechanism. This thesis comes to provide theoretical study of using AOP for security hardening of applications. The main contributions of this thesis are the following. We propose a comparative study of AOP approaches from a security perspective. We establish a security appropriateness analysis of AspectJ and we propose new security constructs for this language. Since aspects in AspectJ are weaved (combined) with the Java Virtual Machine Language (JVML) application code, we develop a formal semantics for the JVML. We propose also a semantics for AspectJ that formalizes the advice weaving. We develop a new AOP calculus, n_SAOP, based on lambda calculus extended with security pointcuts. Finally, we implement three new constructs in AspectJ, namely getLocal , setLocal , and dflow , for local variable accesses and data flow analysis. In conclusion, this thesis demonstrates the relevance, importance, and appropriateness of using the AOP programming paradigm in hardening the security of applications

Divisions:Concordia University > Gina Cody School of Engineering and Computer Science > Electrical and Computer Engineering
Item Type:Thesis (PhD)
Authors:Belblidia, Nadia
Pagination:xv, 241 leaves : ill. ; 29 cm.
Institution:Concordia University
Degree Name:Ph. D.
Program:Electrical and Computer Engineering
Date:2008
Thesis Supervisor(s):Debbabi, M
Identification Number:LE 3 C66E44P 2008 B448
ID Code:976210
Deposited By: Concordia University Library
Deposited On:22 Jan 2013 16:21
Last Modified:13 Jul 2020 20:09
Related URLs:
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Downloads per month over past year

Research related to the current document (at the CORE website)
- Research related to the current document (at the CORE website)
Back to top Back to top