http://iet.metastore.ingenta.com
1887

Applying dynamic separation of aspects to distributed systems security: a case study

Applying dynamic separation of aspects to distributed systems security: a case study

For access to this article, please select a purchase option:

Buy article PDF
£12.50
(plus tax if applicable)
Buy Knowledge Pack
10 articles for £75.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend to library

You must fill out fields marked with: *

Librarian details
Name:*
Email:*
Your details
Name:*
Email:*
Department:*
Why are you recommending this title?
Select reason:
 
 
 
 
 
IET Software — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

Distributed systems are commonly required to be flexible and scalable, as the number and arrangement of their (potentially mobile) devices may easily change. Security in distributed systems is a complex issue which can produce several problems such as eavesdropping, phishing or denial of service. To overcome these problems, there are various security measures that can be applied. This study proposes the use of dynamic aspect-oriented software development (AOSD) to implement security mechanisms in distributed systems. By applying dynamic separation of concerns using AOSD, it becomes possible to adapt the security measures of distributed systems, even when their sizes and arrangements change, without compromising global security. These changes can be applied when a distributed system is running, without requiring its execution to be stopped or interrupted. Using the dynamic and static aspect weaving AOSD platform, the authors have implemented solutions for two common security problems in distributed systems: (i) access control and data flow and (ii) encryption of transmissions. Moreover, the proposed approach has been tested in a real client–server FTP scenario. Qualitative and quantitative evaluations of both implementations are presented to estimate the pros and cons of using dynamic AOSD in the development of security measures of distributed systems.

References

    1. 1)
      • A. Belapurkar , A. Chakrabarti , H. Ponnapalli , N. Varadarajan , S. Padmanabhuni , S. Sundarrajan . (2009) Distributed systems security: issues, processes and solutions.
    2. 2)
      • Irwin, J., Kickzales, G., Lamping, J.: `Aspect-oriented programming', IEEE Proc. ECOOP, 1997, Finland, p. 220–242.
    3. 3)
      • W. Hürsch , C.V. Lopes . (1995) Separation of concerns.
    4. 4)
      • Popovici, A., Gross, T., Alonso, G.: `Dynamic weaving for aspect-oriented programming', Proc. First Int. Conf. on Aspect-Oriented Software Development, 2002, p. 141–147.
    5. 5)
      • Vinuesa, L., Ortı́n, F., Félix, J.M., Álvarez, F.: `DSAW – a dynamic and static aspect weaving platform', ICSOFT (PL/DPS/KE), 2008, p. 55–62.
    6. 6)
      • M. Bishop . (2004) Introduction to computer security.
    7. 7)
      • C.P. Pfleeger , S.L. Pfleeger . (2003) Security in computing.
    8. 8)
    9. 9)
      • Zhang, Y., Lee, W.: `Intrusion detection in wireless ad hoc networks', Proc. 6th Annual Int. Conf. on Mobile Computing and Networking, 2000, p. 283.
    10. 10)
      • Llewellyn-Jones, D., Merabti, M., Shi, Q., Askwith, B.: `Analysis and detection of access violations in componentised systems', Second Conf. on Advances in Computer Security and Forensics (ACSF 2007), 2007, Liverpool, UK, p. 12–13.
    11. 11)
      • Zhao, Z., Li, W.: `Dynamic reconfiguration of distributed data flow systems', 31stAnnual Int. Computer Software and Applications Conf., COMPSAC, 2007, 2.
    12. 12)
    13. 13)
      • Bellardo, J., Savage, S.: `802.11 denial-of-service attacks: real vulnerabilities and practical solutions', Proc. 12th Conf. on USENIX Security Symp., 2003, 12, p. 2.
    14. 14)
      • Kiczales, G., Hilsdale, E., Hugunin, J., Kersten, M., Palm, J., Griswold, W.: `An overview of AspectJ', ECOOP 2001? Object-Oriented Programming, 2001, p. 327–354.
    15. 15)
      • Ségura-Devillechaise, M., Menaud, J.M., Muller, G., Lawall, J.L.: `Web cache prefetching as an aspect: towards a dynamic-weaving based solution', Proc. Second Int. Conf. on Aspect-Oriented Software Development, 2003, p. 119.
    16. 16)
    17. 17)
      • Pinto, M., Amor, M., Fuentes, L., Troya, J.M.: `Run-time coordination of components: design patterns vs. component aspect based platforms', ASoC Workshop (Advanced Separation of Concerns), 2001, p. 18–22.
    18. 18)
      • Böllert, K.: `On weaving aspects', Proc. Workshop on Object-Oriented Technology, 1999, p. 302.
    19. 19)
    20. 20)
    21. 21)
      • T.C. Ecma . TG3. Common language infrastructure (CLI).
    22. 22)
      • Broch, J., Maltz, D.A., Johnson, D.B., Hu, Y.C., Jetcheva, J.: `A performance comparison of multi-hop wireless ad hoc network routing protocols', Proc. Fourth Annual ACM/IEEE Int. Conf. on Mobile Computing and Networking, 1998, p. 97.
    23. 23)
      • U. Lang , R. Schreiner . (2002) Developing secure distributed systems with CORBA.
    24. 24)
      • National Computer Security Center (NCSC): ‘Trusted network interpretation environments guideline’, 1990.
    25. 25)
      • H. Holma , A. Toskala . (2002) WCDMA for UMTS: radio access for third generation mobile communications.
    26. 26)
      • J. Viega , J.T. Bloch , P. Chandra . Applying aspect-oriented programming to security. Cutter IT J. , 2 , 31 - 39
    27. 27)
      • M. Huang , C. Wang , L. Zhang . Toward a reusable and generic security aspect library. AOSD: AOSDSEC , 156 - 167
    28. 28)
      • Taeho, K., Hongchul, L.: `Establishment of a security system using aspect oriented programming', 2008 Int. Conf. on Control, Automation and Systems, 2008, p. 863–866.
    29. 29)
      • Shah, V., Hill, F.: `An aspect-oriented security framework', Proc. DARPA Information Survivability Conf. and Exposition, 2003, p. 143–145, vol. 2.
    30. 30)
      • C.V. Lopes , G. Kiczales . D: A language framework for distributed computing.
    31. 31)
      • Truyen, E., Jørgensen, B.N., Joosen, W.: `Customization of component based object request brokers through dynamic reconfiguration', Technology of Object-Oriented Languages and Systems–TOOLS, 2000, p. 181–194, vol. 33.
    32. 32)
      • Wan, H., Zhao, G.-a., Gao, Z.h., Gao, F., Wang, N.: `Universal design of web security based on AOP', 2009 Int. Symp. on Computer Network and Multimedia Technology, 2009, p. 1–4.
    33. 33)
    34. 34)
    35. 35)
    36. 36)
      • Belblidia, N., Debbabi, M., Hanna, A., Yang, Z.: `AOP extension for security testing of programs', 2006 Canadian Conf. on Electrical and Computer Engineering, 2006, p. 647–650.
    37. 37)
      • A. Popovici , T. Gross , G. Alonso . AOP support for mobile systems.
    38. 38)
    39. 39)
      • (2000) Java virtual machine debugger interface specification.
    40. 40)
      • Song, H., Yin, Y., Zheng, S.: `Dynamic aspects weaving in service composition', Sixth Int. Conf. on Intelligent Systems Design and Applications, 2006, p. 1003–1008.
    41. 41)
      • Hermosillo, G., Gomez, R., Seinturier, L., Duchien, L.: `AProSec: an aspect for programming secure web applications', Second Int. Conf. on Availability, Reliability and Security (ARES'07), 2007, p. 1026–1033.
    42. 42)
    43. 43)
      • G. Söldner , S. Schober , W. Schröder-Preikschat , R. Kapitza . AOCI: weaving components in a distributed environment.
    44. 44)
      • Tanter, É., Fabry, J., Douence, R., Noyé, J., Südholt, M.: `Expressive scoping of distributed aspects', Proc. Eighth ACM Int. Conf. on Aspect-Oriented Software Development, 2009, p. 27–38.
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-sen.2010.0160
Loading

Related content

content/journals/10.1049/iet-sen.2010.0160
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
This is a required field
Please enter a valid email address