Return to search

Modular and secure access control with aspects

Doctor en Ciencias, Mención Computación / It is inevitable that some concerns crosscut a sizable application, resulting in code scattering and tangling. This issue is particularly severe for security-related concerns: it is difficult to be confident about the security of an application when the implementation of its security related concerns is scattered all over the code and tangled with other concerns, making global reasoning about security precarious.
In this thesis work, we consider the case of access control, a cornerstone of every security architecture, which turns out to be a crosscutting concern with a non-modular implementation based on runtime stack inspection in mainstream languages such as Java and C#. We make use of aspect orientation for the modular definition of access control. More precisely, we design and implement access control, including the advanced features associated to it, in a modular way.
We demonstrate that this modular implementation is secure, even in the presence of untrusted aspects. A modular implementation alleviates maintenance and evolution issues produced by the crosscutting nature of access control, and, more importantly, paves the way to global reasoning about access control.

Identiferoai:union.ndltd.org:UCHILE/oai:repositorio.uchile.cl:2250/117015
Date January 2014
CreatorsToledo Toledo, Rodolfo Andrés
ContributorsTanter, Éric, Facultad de Ciencias Físicas y Matemáticas, Departamento de Ciencias de la Computación, Fabry, Johan, Hevia Angulo, Alejandro, Bodden, Eric
PublisherUniversidad de Chile
Source SetsUniversidad de Chile
LanguageEnglish
Detected LanguageEnglish
TypeTesis
RightsAttribution-NonCommercial-NoDerivs 3.0 Chile, http://creativecommons.org/licenses/by-nc-nd/3.0/cl/

Page generated in 0.0022 seconds