Applying dynamic separation of aspects to distributed systems security: a case study

Applying dynamic separation of aspects to distributed systems security: a case study

For access to this article, please select a purchase option:

Buy article PDF
(plus tax if applicable)
Buy Knowledge Pack
10 articles for £75.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Your details
Why are you recommending this title?
Select reason:
IET Software — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

Distributed systems are commonly required to be flexible and scalable, as the number and arrangement of their (potentially mobile) devices may easily change. Security in distributed systems is a complex issue which can produce several problems such as eavesdropping, phishing or denial of service. To overcome these problems, there are various security measures that can be applied. This study proposes the use of dynamic aspect-oriented software development (AOSD) to implement security mechanisms in distributed systems. By applying dynamic separation of concerns using AOSD, it becomes possible to adapt the security measures of distributed systems, even when their sizes and arrangements change, without compromising global security. These changes can be applied when a distributed system is running, without requiring its execution to be stopped or interrupted. Using the dynamic and static aspect weaving AOSD platform, the authors have implemented solutions for two common security problems in distributed systems: (i) access control and data flow and (ii) encryption of transmissions. Moreover, the proposed approach has been tested in a real client–server FTP scenario. Qualitative and quantitative evaluations of both implementations are presented to estimate the pros and cons of using dynamic AOSD in the development of security measures of distributed systems.


    1. 1)
      • Distributed systems security: issues, processes and solutions
    2. 2)
      • Irwin, J., Kickzales, G., Lamping, J.: `Aspect-oriented programming', IEEE Proc. ECOOP, 1997, Finland, p. 220–242
    3. 3)
      • Separation of concerns
    4. 4)
      • Popovici, A., Gross, T., Alonso, G.: `Dynamic weaving for aspect-oriented programming', Proc. First Int. Conf. on Aspect-Oriented Software Development, 2002, p. 141–147
    5. 5)
      • Vinuesa, L., Ortı́n, F., Félix, J.M., Álvarez, F.: `DSAW – a dynamic and static aspect weaving platform', ICSOFT (PL/DPS/KE), 2008, p. 55–62
    6. 6)
      • Introduction to computer security
    7. 7)
      • Security in computing
    8. 8)
    9. 9)
      • Zhang, Y., Lee, W.: `Intrusion detection in wireless ad hoc networks', Proc. 6th Annual Int. Conf. on Mobile Computing and Networking, 2000, p. 283
    10. 10)
      • Llewellyn-Jones, D., Merabti, M., Shi, Q., Askwith, B.: `Analysis and detection of access violations in componentised systems', Second Conf. on Advances in Computer Security and Forensics (ACSF 2007), 2007, Liverpool, UK, p. 12–13
    11. 11)
      • Zhao, Z., Li, W.: `Dynamic reconfiguration of distributed data flow systems', 31stAnnual Int. Computer Software and Applications Conf., COMPSAC, 2007, 2
    12. 12)
    13. 13)
      • Bellardo, J., Savage, S.: `802.11 denial-of-service attacks: real vulnerabilities and practical solutions', Proc. 12th Conf. on USENIX Security Symp., 2003, 12, p. 2
    14. 14)
      • Kiczales, G., Hilsdale, E., Hugunin, J., Kersten, M., Palm, J., Griswold, W.: `An overview of AspectJ', ECOOP 2001? Object-Oriented Programming, 2001, p. 327–354
    15. 15)
      • Ségura-Devillechaise, M., Menaud, J.M., Muller, G., Lawall, J.L.: `Web cache prefetching as an aspect: towards a dynamic-weaving based solution', Proc. Second Int. Conf. on Aspect-Oriented Software Development, 2003, p. 119
    16. 16)
    17. 17)
      • Pinto, M., Amor, M., Fuentes, L., Troya, J.M.: `Run-time coordination of components: design patterns vs. component aspect based platforms', ASoC Workshop (Advanced Separation of Concerns), 2001, p. 18–22
    18. 18)
      • Böllert, K.: `On weaving aspects', Proc. Workshop on Object-Oriented Technology, 1999, p. 302
    19. 19)
    20. 20)
    21. 21)
      • TG3. Common language infrastructure (CLI)
    22. 22)
      • Broch, J., Maltz, D.A., Johnson, D.B., Hu, Y.C., Jetcheva, J.: `A performance comparison of multi-hop wireless ad hoc network routing protocols', Proc. Fourth Annual ACM/IEEE Int. Conf. on Mobile Computing and Networking, 1998, p. 97
    23. 23)
      • Developing secure distributed systems with CORBA
    24. 24)
      • National Computer Security Center (NCSC): ‘Trusted network interpretation environments guideline’, 1990
    25. 25)
      • WCDMA for UMTS: radio access for third generation mobile communications
    26. 26)
      • Applying aspect-oriented programming to security
    27. 27)
      • Toward a reusable and generic security aspect library
    28. 28)
      • Taeho, K., Hongchul, L.: `Establishment of a security system using aspect oriented programming', 2008 Int. Conf. on Control, Automation and Systems, 2008, p. 863–866
    29. 29)
      • Shah, V., Hill, F.: `An aspect-oriented security framework', Proc. DARPA Information Survivability Conf. and Exposition, 2003, p. 143–145, vol. 2
    30. 30)
      • D: A language framework for distributed computing
    31. 31)
      • Truyen, E., Jørgensen, B.N., Joosen, W.: `Customization of component based object request brokers through dynamic reconfiguration', Technology of Object-Oriented Languages and Systems–TOOLS, 2000, p. 181–194, vol. 33
    32. 32)
      • Wan, H., Zhao, G.-a., Gao, Z.h., Gao, F., Wang, N.: `Universal design of web security based on AOP', 2009 Int. Symp. on Computer Network and Multimedia Technology, 2009, p. 1–4
    33. 33)
    34. 34)
    35. 35)
    36. 36)
      • Belblidia, N., Debbabi, M., Hanna, A., Yang, Z.: `AOP extension for security testing of programs', 2006 Canadian Conf. on Electrical and Computer Engineering, 2006, p. 647–650
    37. 37)
      • AOP support for mobile systems
    38. 38)
    39. 39)
      • Java virtual machine debugger interface specification
    40. 40)
      • Song, H., Yin, Y., Zheng, S.: `Dynamic aspects weaving in service composition', Sixth Int. Conf. on Intelligent Systems Design and Applications, 2006, p. 1003–1008
    41. 41)
      • Hermosillo, G., Gomez, R., Seinturier, L., Duchien, L.: `AProSec: an aspect for programming secure web applications', Second Int. Conf. on Availability, Reliability and Security (ARES'07), 2007, p. 1026–1033
    42. 42)
    43. 43)
      • AOCI: weaving components in a distributed environment
    44. 44)
      • Tanter, É., Fabry, J., Douence, R., Noyé, J., Südholt, M.: `Expressive scoping of distributed aspects', Proc. Eighth ACM Int. Conf. on Aspect-Oriented Software Development, 2009, p. 27–38

Related content

This is a required field
Please enter a valid email address