Your browser does not support JavaScript!

Applying dynamic separation of aspects to distributed systems security: a case study

Applying dynamic separation of aspects to distributed systems security: a case study

For access to this article, please select a purchase option:

Buy article PDF
(plus tax if applicable)
Buy Knowledge Pack
10 articles for $120.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Your details
Why are you recommending this title?
Select reason:
IET Software — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

Distributed systems are commonly required to be flexible and scalable, as the number and arrangement of their (potentially mobile) devices may easily change. Security in distributed systems is a complex issue which can produce several problems such as eavesdropping, phishing or denial of service. To overcome these problems, there are various security measures that can be applied. This study proposes the use of dynamic aspect-oriented software development (AOSD) to implement security mechanisms in distributed systems. By applying dynamic separation of concerns using AOSD, it becomes possible to adapt the security measures of distributed systems, even when their sizes and arrangements change, without compromising global security. These changes can be applied when a distributed system is running, without requiring its execution to be stopped or interrupted. Using the dynamic and static aspect weaving AOSD platform, the authors have implemented solutions for two common security problems in distributed systems: (i) access control and data flow and (ii) encryption of transmissions. Moreover, the proposed approach has been tested in a real client–server FTP scenario. Qualitative and quantitative evaluations of both implementations are presented to estimate the pros and cons of using dynamic AOSD in the development of security measures of distributed systems.


    1. 1)
    2. 2)
      • J. Viega , J.T. Bloch , P. Chandra . Applying aspect-oriented programming to security. Cutter IT J. , 2 , 31 - 39
    3. 3)
      • Popovici, A., Gross, T., Alonso, G.: `Dynamic weaving for aspect-oriented programming', Proc. First Int. Conf. on Aspect-Oriented Software Development, 2002, p. 141–147.
    4. 4)
      • H. Holma , A. Toskala . (2002) WCDMA for UMTS: radio access for third generation mobile communications.
    5. 5)
      • Song, H., Yin, Y., Zheng, S.: `Dynamic aspects weaving in service composition', Sixth Int. Conf. on Intelligent Systems Design and Applications, 2006, p. 1003–1008.
    6. 6)
    7. 7)
      • A. Belapurkar , A. Chakrabarti , H. Ponnapalli , N. Varadarajan , S. Padmanabhuni , S. Sundarrajan . (2009) Distributed systems security: issues, processes and solutions.
    8. 8)
      • M. Bishop . (2004) Introduction to computer security.
    9. 9)
      • Taeho, K., Hongchul, L.: `Establishment of a security system using aspect oriented programming', 2008 Int. Conf. on Control, Automation and Systems, 2008, p. 863–866.
    10. 10)
      • W. Hürsch , C.V. Lopes . (1995) Separation of concerns.
    11. 11)
    12. 12)
      • Llewellyn-Jones, D., Merabti, M., Shi, Q., Askwith, B.: `Analysis and detection of access violations in componentised systems', Second Conf. on Advances in Computer Security and Forensics (ACSF 2007), 2007, Liverpool, UK, p. 12–13.
    13. 13)
      • Wan, H., Zhao, G.-a., Gao, Z.h., Gao, F., Wang, N.: `Universal design of web security based on AOP', 2009 Int. Symp. on Computer Network and Multimedia Technology, 2009, p. 1–4.
    14. 14)
      • T.C. Ecma . TG3. Common language infrastructure (CLI).
    15. 15)
      • Vinuesa, L., Ortı́n, F., Félix, J.M., Álvarez, F.: `DSAW – a dynamic and static aspect weaving platform', ICSOFT (PL/DPS/KE), 2008, p. 55–62.
    16. 16)
    17. 17)
      • Zhang, Y., Lee, W.: `Intrusion detection in wireless ad hoc networks', Proc. 6th Annual Int. Conf. on Mobile Computing and Networking, 2000, p. 283.
    18. 18)
    19. 19)
      • (2000) Java virtual machine debugger interface specification.
    20. 20)
    21. 21)
    22. 22)
    23. 23)
      • A. Popovici , T. Gross , G. Alonso . AOP support for mobile systems.
    24. 24)
      • Hermosillo, G., Gomez, R., Seinturier, L., Duchien, L.: `AProSec: an aspect for programming secure web applications', Second Int. Conf. on Availability, Reliability and Security (ARES'07), 2007, p. 1026–1033.
    25. 25)
      • Shah, V., Hill, F.: `An aspect-oriented security framework', Proc. DARPA Information Survivability Conf. and Exposition, 2003, p. 143–145, vol. 2.
    26. 26)
      • Pinto, M., Amor, M., Fuentes, L., Troya, J.M.: `Run-time coordination of components: design patterns vs. component aspect based platforms', ASoC Workshop (Advanced Separation of Concerns), 2001, p. 18–22.
    27. 27)
      • Kiczales, G., Hilsdale, E., Hugunin, J., Kersten, M., Palm, J., Griswold, W.: `An overview of AspectJ', ECOOP 2001? Object-Oriented Programming, 2001, p. 327–354.
    28. 28)
      • U. Lang , R. Schreiner . (2002) Developing secure distributed systems with CORBA.
    29. 29)
      • C.P. Pfleeger , S.L. Pfleeger . (2003) Security in computing.
    30. 30)
    31. 31)
      • Zhao, Z., Li, W.: `Dynamic reconfiguration of distributed data flow systems', 31stAnnual Int. Computer Software and Applications Conf., COMPSAC, 2007, 2.
    32. 32)
      • National Computer Security Center (NCSC): ‘Trusted network interpretation environments guideline’, 1990.
    33. 33)
      • M. Huang , C. Wang , L. Zhang . Toward a reusable and generic security aspect library. AOSD: AOSDSEC , 156 - 167
    34. 34)
    35. 35)
      • Böllert, K.: `On weaving aspects', Proc. Workshop on Object-Oriented Technology, 1999, p. 302.
    36. 36)
      • G. Söldner , S. Schober , W. Schröder-Preikschat , R. Kapitza . AOCI: weaving components in a distributed environment.
    37. 37)
      • Tanter, É., Fabry, J., Douence, R., Noyé, J., Südholt, M.: `Expressive scoping of distributed aspects', Proc. Eighth ACM Int. Conf. on Aspect-Oriented Software Development, 2009, p. 27–38.
    38. 38)
      • Belblidia, N., Debbabi, M., Hanna, A., Yang, Z.: `AOP extension for security testing of programs', 2006 Canadian Conf. on Electrical and Computer Engineering, 2006, p. 647–650.
    39. 39)
      • Irwin, J., Kickzales, G., Lamping, J.: `Aspect-oriented programming', IEEE Proc. ECOOP, 1997, Finland, p. 220–242.
    40. 40)
      • Broch, J., Maltz, D.A., Johnson, D.B., Hu, Y.C., Jetcheva, J.: `A performance comparison of multi-hop wireless ad hoc network routing protocols', Proc. Fourth Annual ACM/IEEE Int. Conf. on Mobile Computing and Networking, 1998, p. 97.
    41. 41)
      • Truyen, E., Jørgensen, B.N., Joosen, W.: `Customization of component based object request brokers through dynamic reconfiguration', Technology of Object-Oriented Languages and Systems–TOOLS, 2000, p. 181–194, vol. 33.
    42. 42)
      • Bellardo, J., Savage, S.: `802.11 denial-of-service attacks: real vulnerabilities and practical solutions', Proc. 12th Conf. on USENIX Security Symp., 2003, 12, p. 2.
    43. 43)
      • C.V. Lopes , G. Kiczales . D: A language framework for distributed computing.
    44. 44)
      • Ségura-Devillechaise, M., Menaud, J.M., Muller, G., Lawall, J.L.: `Web cache prefetching as an aspect: towards a dynamic-weaving based solution', Proc. Second Int. Conf. on Aspect-Oriented Software Development, 2003, p. 119.

Related content

This is a required field
Please enter a valid email address