Opening (unintended) covered channels Prevent leakage Example: sharing information between authentication and authorization module…
Our focus… Intended attacks: not our focus now Unintentional attacks. –Because of aspect interference… –Security solution Probably multiple aspects, to be composed Can this be a (sort of) sand-box?
Headlines of what we need… 1. Principle of least privilige –State what privilige any aspect would have on a given aspect –Then explicitly allow more privilige To certain classes, or instances 2. Order of composition –E.g. Log before decrypt… 3. Aspects sharing state (communicate) –Do not allow leaking/interception.
Adoption Evolution of the applications: –If I compose the new version of the application with the security aspect: –Who confirms that the result is right? Is it worse then what we are used to (without aspects)? Lots of psycho?
Your consent to our cookies if you continue to use this website.