Adaptive Access Control Enforcement in Social Network Using Aspect Weaving

  • Conference paper
Database Systems for Advanced Applications (DASFAA 2012)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 7240)

Abstract

Current social network systems support a large range of applications with very different security requirements. Although available social network solutions provide some security functionality, users do not control this functionality and cannot customize it to handle their specific security needs. In this paper, we suggest a new approach to handle these issues. This approach is based on Aspect Oriented Programming (AOP), which enables the enforcement of an independent, reusable access control policy through the modification of the program at runtime. This makes it possible to externalize the security concerns and weave them into an existing social network. Using this approach, it is possible to customize the security of a social network at different levels. First, one can specify the global security policy of the particular social network application; then, each member of this social network can further refine this global policy to specify their specific security requirements. This approach is illustrated on the open source social network system Elgg.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cuppens, F., Cuppens-Boulahia, N., Pena Viña, E. (2012). Adaptive Access Control Enforcement in Social Network Using Aspect Weaving. In: Yu, H., Yu, G., Hsu, W., Moon, YS., Unland, R., Yoo, J. (eds) Database Systems for Advanced Applications. DASFAA 2012. Lecture Notes in Computer Science, vol 7240. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29023-7_17

  • DOI: https://doi.org/10.1007/978-3-642-29023-7_17

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29022-0

  • Online ISBN: 978-3-642-29023-7

  • eBook Packages: Computer Science, Computer Science (R0)
