Mapping of security concerns in design to security aspects in code

Chase Baker, Michael Shin

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Scopus citations

Abstract

By careful separation of concerns, security requirements and design for security services can be modeled separately from application concerns. This modeling approach reduces system complexity caused by mixing security requirements and designs with application requirements and designs This separation of concerns is also needed in the implementation phase to consistently reduce system complexity. This paper addresses separation of application and security concerns in the implementation phase of secure software development. Security components separated from application components in the software architecture are implemented via security aspects with aspect-oriented programming, whereas application components are implemented through application objects with object-oriented programming. The mapping scheme of security components to security aspects is described in terms of security requirements. A security aspect is committed whenever application objects need the security aspect. A business-to-business (B2B) electronic commerce system is used to validate the proposed approach using Java and AspectJ.

Original languageEnglish
Title of host publicationProceedings of the 2012 IEEE 6th International Conference on Software Security and Reliability Companion, SERE-C 2012
Pages102-110
Number of pages9
DOIs
StatePublished - 2012
Event2012 IEEE 6th International Conference on Software Security and Reliability Companion, SERE-C 2012 - Gaithersburg, MD, United States
Duration: Jun 20 2012Jun 22 2012

Publication series

NameProceedings of the 2012 IEEE 6th International Conference on Software Security and Reliability Companion, SERE-C 2012

Conference

Conference2012 IEEE 6th International Conference on Software Security and Reliability Companion, SERE-C 2012
CountryUnited States
CityGaithersburg, MD
Period06/20/1206/22/12

Fingerprint Dive into the research topics of 'Mapping of security concerns in design to security aspects in code'. Together they form a unique fingerprint.

Cite this