A Security Hardening Language Based on Aspect-Orientation

Mourad, Azzam; Laverdière, Marc-André; Debbabi, Mourad

doi:10.1007/978-3-540-88653-2_19

A Security Hardening Language Based on Aspect-Orientation

Azzam Mourad³,
Marc-André Laverdière³ &
Mourad Debbabi³

Conference paper

657 Accesses

Part of the Communications in Computer and Information Science book series (CCIS,volume 23)

Abstract

In this paper, we propose an aspect-oriented language, called SHL (Security Hardening Language), for specifying systematically the security hardening solutions. This language constitutes our new achievement towards developing our security hardening framework. SHL allows the description and specification of security hardening plans and patterns that are used to harden systematically security into the code. It is a minimalist language built on top of the current aspect-oriented technologies that are based on advice-poincut model and can also be used in conjunction with them. The primary contribution of this approach is providing the security architects with the capabilities to perform security hardening of software by applying well-defined solution and without the need to have expertise in the security solution domain. At the same time, the security hardening is applied in an organized and systematic way in order not to alter the original functionalities of the software. We explore the viability and relevance of our proposition by applying it into a case study and presenting the experimental results of securing the connections of open source software.

Keywords

Software Security Hardening
Aspect-Oriented Programming (AOP)
Security Hardening Patterns
Security Hardening Plans
Trusted and Open Source Software (FOSS)
Aspect-Oriented Language

This is a preview of subscription content, access via your institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Mourad, A., Laverdière, M.A., Debbabi, M.: Towards an aspect oriented approach for the security hardening of code. In: Proceedings of the 21st IEEE International Conference on Advanced Information Networking and Applications, SSNDS Symposium (AINA 2007), Niagara, ON, Canada. IEEE, Los Alamitos (2007)
Google Scholar
Schumacher, M.: Security Engineering with Patterns. Springer, Heidelberg (2003)
CrossRef MATH Google Scholar
Bishop, M.: Computer Security: Art and Science. Addison-Wesley Professional, Reading (2002)
Google Scholar
Kiczales, G., Hilsdale, E., Hugunin, J., Kersten, M., Palm, J., Griswold, W.: Overview of aspect. In: ECOOP 2001, Budapest, Hungary. Springer, Heidelberg (2001)
Google Scholar
Coady, Y., Kiczales, G., Feeley, M., Smolyn, G.: Using aspectc to improve the modularity of path-specific customization in operating system code. In: Proceedings of Foundations of software Engineering, Vienne, Austria (2001)
Google Scholar
Spinczyk, O., Gal, A., chroder Preikschat, W.: Aspectc++: An aspect-oriented extension to c++. In: Proceedings of the 40th International Conference on Technology of Object-Oriented Languages and Systems, Sydney, Australia (2002)
Google Scholar
Kim, H.: An aosd implementation for c#. Technical Report TCD-CS2002-55, Department of Computer Science, Trinity College, Dublin (2002)
Google Scholar
Bollert, K.: On weaving aspects. In: International Workshop on Aspect-Oriented Programming at ECOOP 1999 (1999)
Google Scholar
Cigital Labs: An aspect-oriented security assurance solution. Technical Report AFRL-IF-RS-TR-2003-254 (2003)
Google Scholar
DeWin, B.: Engineering Application Level Security through Aspect Oriented Software Development. PhD thesis, Katholieke Universiteit Leuven (2004)
Google Scholar
Bodkin, R.: Enterprise security aspects (2004) (Accessed April 2007), http://citeseer.ist.psu.edu/702193.html
Huang, M., Wang, C., Zhang, L.: Toward a reusable and generic security aspect library. In: AOSD:AOSDSEC 2004: AOSD Technology for Application level Security (2004)
Google Scholar

Download references

Author information

Authors and Affiliations

Computer Security Laboratory Concordia Institute for Information Systems Engineering, Concordia University, Montreal (QC), Canada
Azzam Mourad, Marc-André Laverdière & Mourad Debbabi

Authors

Azzam Mourad
View author publications
You can also search for this author in PubMed Google Scholar
Marc-André Laverdière
View author publications
You can also search for this author in PubMed Google Scholar
Mourad Debbabi
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Polytechnic Institute of Setúbal – INSTICC,, Av. D. Manuel I, 27A - 2. Esq., 2910-595, Setúbal, Portugal
Joaquim Filipe
Department of Computer Science, Monmouth University, West Long Branch, NJ 07764, U.S.A.
Mohammad S. Obaidat

Rights and permissions

Reprints and Permissions

Copyright information

About this paper

Cite this paper

Mourad, A., Laverdière, MA., Debbabi, M. (2008). A Security Hardening Language Based on Aspect-Orientation. In: Filipe, J., Obaidat, M.S. (eds) E-business and Telecommunications. ICETE 2007. Communications in Computer and Information Science, vol 23. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88653-2_19

Download citation

DOI: https://doi.org/10.1007/978-3-540-88653-2_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-88652-5
Online ISBN: 978-3-540-88653-2
eBook Packages: Computer ScienceComputer Science (R0)