Skip to main content

A Security Hardening Language Based on Aspect-Orientation

  • Conference paper
  • 657 Accesses

Part of the Communications in Computer and Information Science book series (CCIS,volume 23)


In this paper, we propose an aspect-oriented language, called SHL (Security Hardening Language), for specifying systematically the security hardening solutions. This language constitutes our new achievement towards developing our security hardening framework. SHL allows the description and specification of security hardening plans and patterns that are used to harden systematically security into the code. It is a minimalist language built on top of the current aspect-oriented technologies that are based on advice-poincut model and can also be used in conjunction with them. The primary contribution of this approach is providing the security architects with the capabilities to perform security hardening of software by applying well-defined solution and without the need to have expertise in the security solution domain. At the same time, the security hardening is applied in an organized and systematic way in order not to alter the original functionalities of the software. We explore the viability and relevance of our proposition by applying it into a case study and presenting the experimental results of securing the connections of open source software.


  • Software Security Hardening
  • Aspect-Oriented Programming (AOP)
  • Security Hardening Patterns
  • Security Hardening Plans
  • Trusted and Open Source Software (FOSS)
  • Aspect-Oriented Language

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. Mourad, A., Laverdière, M.A., Debbabi, M.: Towards an aspect oriented approach for the security hardening of code. In: Proceedings of the 21st IEEE International Conference on Advanced Information Networking and Applications, SSNDS Symposium (AINA 2007), Niagara, ON, Canada. IEEE, Los Alamitos (2007)

    Google Scholar 

  2. Schumacher, M.: Security Engineering with Patterns. Springer, Heidelberg (2003)

    CrossRef  MATH  Google Scholar 

  3. Bishop, M.: Computer Security: Art and Science. Addison-Wesley Professional, Reading (2002)

    Google Scholar 

  4. Kiczales, G., Hilsdale, E., Hugunin, J., Kersten, M., Palm, J., Griswold, W.: Overview of aspect. In: ECOOP 2001, Budapest, Hungary. Springer, Heidelberg (2001)

    Google Scholar 

  5. Coady, Y., Kiczales, G., Feeley, M., Smolyn, G.: Using aspectc to improve the modularity of path-specific customization in operating system code. In: Proceedings of Foundations of software Engineering, Vienne, Austria (2001)

    Google Scholar 

  6. Spinczyk, O., Gal, A., chroder Preikschat, W.: Aspectc++: An aspect-oriented extension to c++. In: Proceedings of the 40th International Conference on Technology of Object-Oriented Languages and Systems, Sydney, Australia (2002)

    Google Scholar 

  7. Kim, H.: An aosd implementation for c#. Technical Report TCD-CS2002-55, Department of Computer Science, Trinity College, Dublin (2002)

    Google Scholar 

  8. Bollert, K.: On weaving aspects. In: International Workshop on Aspect-Oriented Programming at ECOOP 1999 (1999)

    Google Scholar 

  9. Cigital Labs: An aspect-oriented security assurance solution. Technical Report AFRL-IF-RS-TR-2003-254 (2003)

    Google Scholar 

  10. DeWin, B.: Engineering Application Level Security through Aspect Oriented Software Development. PhD thesis, Katholieke Universiteit Leuven (2004)

    Google Scholar 

  11. Bodkin, R.: Enterprise security aspects (2004) (Accessed April 2007),

  12. Huang, M., Wang, C., Zhang, L.: Toward a reusable and generic security aspect library. In: AOSD:AOSDSEC 2004: AOSD Technology for Application level Security (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations


Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Mourad, A., Laverdière, MA., Debbabi, M. (2008). A Security Hardening Language Based on Aspect-Orientation. In: Filipe, J., Obaidat, M.S. (eds) E-business and Telecommunications. ICETE 2007. Communications in Computer and Information Science, vol 23. Springer, Berlin, Heidelberg.

Download citation

  • DOI:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-88652-5

  • Online ISBN: 978-3-540-88653-2

  • eBook Packages: Computer ScienceComputer Science (R0)