Aspect Security

Aspect Security. RaviShekhar Gopalan, Prof. Lieberherr. Software Security (CSG379). Topics covered: Short Security Overview; Motivation for this project; What is this project?; Implementation; Future Work; References. Security Overview: Security in Software Engineering.

Presentation Transcript


  1. Aspect Security: RaviShekhar Gopalan, Prof. Lieberherr, Software Security (CSG379)

  2. Topics Covered

  3. Topics
     • Short Security Overview
     • Motivation for this project
     • What is this project?
     • Implementation
     • Future Work
     • References

  4. Security Overview

  5. Security in Software Engineering
     • A non-functional requirement
     • Applied as a patch at the end of the SDLC
     • Not a design consideration
     • Preference for non-invasive techniques
     • Not a prime focus during development
     • Leads to a disconnection between the development and “security” cycles

  6. Types of Security
     • Domain Level Security
       • Is dependent on an application
       • Similar to Business Rules
       • Security policies, ACLs – Non-invasive
       • Store them as rules in config files
       • E.g. XML files in J2EE
     • Provided by language
       • Not the focus anywhere
     • This project is about improvements to the security features provided by the language

  7. Security provided by the language
     • The language should provide features for security
     • Alongside “public” and “private”, there should be something like the “const” keyword in C++
     • Every method should declare its behavior
     • For example, we might have a new set of keywords
       • Immutable
       • Inspector
       • Mutator

  8. Motivation

  9. Enter AOP!
     • Security loopholes may not be intentional
     • Bug fixes may introduce security bugs
     • More so with AOP (compartmentalization)
     • Right time to correct in AOP whatever was not done in OOP
     • Since AOP is still in its infancy, a security focus can be built in

  10. Aspect Security
      • Aspects are powerful.
      • Need a controlled and safe way of doing aspect-oriented development
      • Need a stronger safety net than normal languages

  11. Simple Demo !!

  12. What is this project?

  13. Ideally, …
      • Ideally, the language should provide features for security
      • Every method should declare its behavior
      • If not, metadata will have to be used.

  14. Requirements??
      • At the least, the compiler should
        • Warn if it can determine that a possible security breach exists
        • There exist possible loopholes which can be exploited in the future
        • Guard against these by putting dynamic checks in place
      • This is a bit ambitious, but not too much.

  15. What is a Secure Aspect?
      • A secure aspect is an aspect which is secure
      • For object-oriented programs, an aspect should not
        • interfere with the OO part of the system
        • modify the behavior of the object which it is trying to influence
        • modify the data of the object which it is trying to influence

  16. What should a secure aspect do?
      • A secure aspect should
        • Add behavior at a join point
        • Add checks for certain conditions
        • Basically be an inspector

  17. What should a secure aspect not do?
      • A secure aspect should not
        • Modify an object’s behavior at any join point
        • Modify an object’s data at any join point
        • Change an object’s hierarchy if the object is not open to change (……)

  18. Implementation

  19. How to do it?
      • In order to determine the security of aspects statically,
        • step in at compile time
        • influence the compiler with our security rules
      • Security rules can be hard-coded or kept in some XML file
      • Rules in an XML file require development of a separate language syntax and its validation

  20. Aspect Bench Compiler
      • abc compiler from Oxford University
      • Chosen because it is open-source
      • Open and easy to extend
      • Gives extension-writers the AST as objects, which are easier to manipulate

  21. abc Architecture

  22. abc Modification Point

  23. Proposed Change (diagram): Compiler Front End → Aspect Checker → Static Weaving

  24. Proof of Concept
      • Aspect Checker checks aspects before weaving
      • For this PoC, I am checking whether an aspect calls a setter method of the main class

  25. Aspect Checker (diagram)
      • Main: BankAccount::initialize()
      • Aspect: Set Account Id to 0
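
The proof-of-concept check from slides 24 and 25, as an added example that is not code from the presentation or from abc: it scans AspectJ source text with regular expressions instead of walking abc's AST, and flags advice that calls a setter on a formal parameter of the guarded class. The aspect names and the `setAccountId`/`getAccountId` methods are constructed for illustration.

```python
import re

# Constructed AspectJ source; method and aspect names are assumptions for illustration.
ASPECT_SRC = '''
public aspect ResetId {
    before(BankAccount acct): execution(void BankAccount.initialize()) && target(acct) {
        acct.setAccountId(0);   // mutator: changes object data
    }
}
public aspect AuditLog {
    after(BankAccount acct): execution(void BankAccount.initialize()) && target(acct) {
        System.out.println("init " + acct.getAccountId());   // inspector only
    }
}
'''

ASPECT_RE = re.compile(r'\baspect\s+(\w+)')
# Advice header: kind, formal parameters, then the pointcut up to the body's '{'.
ADVICE_RE = re.compile(r'\b(before|after|around)\s*\(([^)]*)\)[^{;]*\{')

def strip_noise(src):
    """Blank out string literals and comments so they cannot fake or hide a call."""
    return re.sub(r'"(?:\\.|[^"\\])*"|//[^\n]*|/\*.*?\*/', ' ', src, flags=re.S)

def block_end(src, open_idx):
    """Index of the '}' matching the '{' at open_idx."""
    depth = 0
    for i in range(open_idx, len(src)):
        depth += {'{': 1, '}': -1}.get(src[i], 0)
        if depth == 0:
            return i
    raise ValueError("unbalanced braces")

def check_aspects(src, guarded):
    """Return (aspect, advice kind, setter) for each setter call on a guarded-class formal."""
    src, findings = strip_noise(src), []
    for asp in ASPECT_RE.finditer(src):
        start = src.index('{', asp.end())
        body = src[start:block_end(src, start)]
        for adv in ADVICE_RE.finditer(body):
            formals = re.findall(r'(\w+)\s+(\w+)', adv.group(2))
            bound = [name for typ, name in formals if typ == guarded]
            opening = adv.end() - 1
            advice_body = body[opening:block_end(body, opening) + 1]
            for var in bound:
                call = r'\b%s\s*\.\s*(set[A-Z]\w*)\s*\(' % re.escape(var)
                findings += [(asp.group(1), adv.group(1), m.group(1))
                             for m in re.finditer(call, advice_body)]
    return findings
```

Calling `check_aspects(ASPECT_SRC, "BankAccount")` reports only the `ResetId` aspect; the check matches setters by naming convention, so field writes made directly by advice are not covered.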

  26. Design of Aspect Checker (diagram)
      • abc Compiler
      • AspectInfo
      • GlobalAspectChecker
      • Individual Checkers: BankAccountChecker, BankChecker, AccountChecker

  27. Demo of Aspect Checker

  28. Future Work

  29. Future Work
      • Handle inter-type declarations
      • Handle weaving of aspect-checking code
      • Finalize design of AspectChecker

  30. References

  31. References
      • Building the abc AspectJ compiler with Polyglot and Soot, abc Technical Report No. abc-2004-2
      • abc: An extensible AspectJ compiler, abc Technical Report No. abc-2004-1
      • The abc scanner and parser, including an LALR(1) grammar for AspectJ

  32. Thank You!!
