Aspect Oriented Programming Carlos Oviedo Secure Systems Research

  • Slides: 18
Download presentation
Aspect Oriented Programming Carlos Oviedo Secure Systems Research Group - FAU

Aspect Oriented Programming Carlos Oviedo Secure Systems Research Group - FAU

Introduction • Late 90’s PARC (Palo Alto Research Center) • Object Oriented Programming &

Introduction • Late 90’s PARC (Palo Alto Research Center) • Object Oriented Programming & Metaobject modeling protocols • Capture cross-cutting concerns • Aspect. J Java • Under constant development Secure Systems Research Group - FAU

Cross-cutting concerns • Not encapsulated by imperative object oriented programming languages (C, C#, Java,

Cross-cutting concerns • Not encapsulated by imperative object oriented programming languages (C, C#, Java, Pascal. Etc) [Cac 04] Secure Systems Research Group - FAU

Cross-cutting concerns • Sometimes requirements relating to a particular concern are spread among multiple

Cross-cutting concerns • Sometimes requirements relating to a particular concern are spread among multiple requirement sources. • Example: Logging • The consequence Code spread across several modules Secure Systems Research Group - FAU

Cross-cutting concerns A specific concern spread along multiple classes Secure Systems Research Group -

Cross-cutting concerns A specific concern spread along multiple classes Secure Systems Research Group - FAU

Cross-cutting concerns • Security is a concern that has impact on each design unit.

Cross-cutting concerns • Security is a concern that has impact on each design unit. • Modifying the affected design units accordingly can be fault prone and a tedious task. • Other examples: • identity management • transaction integrity • authentication • performance Secure Systems Research Group - FAU

Aspects Outline • Cross cutting concerns are not reusable (cannot be refined or inherited)

Aspects Outline • Cross cutting concerns are not reusable (cannot be refined or inherited) • AOP Modularizes cross cutting concerns • • Pointcut (dynamic) Advice (dynamic) Inter-type declarations (static) Aspects (encapsulates constructions) Secure Systems Research Group - FAU

Aspects Outline JOIN POINT: • A specific execution point in the program flow POINT

Aspects Outline JOIN POINT: • A specific execution point in the program flow POINT CUT: • Selects certain join points and values at those points Secure Systems Research Group - FAU

Point Cuts • Call join point actions of an object receiving a call pointcut

Point Cuts • Call join point actions of an object receiving a call pointcut move(): call(void call(void Figure. Element. set. XY(int, int)) || Point. set. X(int)) || Point. set. Y(int)) || Line. set. P 1(Point))|| Line. set. P 2(Point)); Secure Systems Research Group - FAU

Advices • To implement the cross cutting behaviors we use advices before(): move() {

Advices • To implement the cross cutting behaviors we use advices before(): move() { System. out. println("about to move"); } after() returning: move() { System. out. println("just successfully moved"); } Secure Systems Research Group - FAU

Aspects • Aspects are wrappers • Very similar to “object oriented” classes aspect Logging

Aspects • Aspects are wrappers • Very similar to “object oriented” classes aspect Logging { Output. Stream log. Stream = System. err; before(): move() { log. Stream. println("about to move"); } } Secure Systems Research Group - FAU

Aspects in security • Example: Control access to a specific resource Account access by

Aspects in security • Example: Control access to a specific resource Account access by a bank officer Secure Systems Research Group - FAU

Aspects in security public aspect Account. Authorization { Output. Stream log. Stream = System.

Aspects in security public aspect Account. Authorization { Output. Stream log. Stream = System. err; boolean grant. Access(string id){ if(id != “guest”) return true else return false; } Pointcut change(): call(void Account. Make. With. Drawal()); before(): change(){ log. Stream. println("Change in progress. . . "); if(!grant. Access(context. id)) throw new Unauthorized. Access. Exception(); } } Secure Systems Research Group - FAU

Aspects in security Pointcut change(): call(* Make. Withdrawal(. . )); Secure Systems Research Group

Aspects in security Pointcut change(): call(* Make. Withdrawal(. . )); Secure Systems Research Group - FAU

Aspects in security abstract aspect Simple. Authorization{ Output. Stream log. Stream = System. err;

Aspects in security abstract aspect Simple. Authorization{ Output. Stream log. Stream = System. err; public static boolean grant. Access(string id) { if(id != “guest”) return true else return false; } abstract pointcut change(): call( * Make*(. . )); before(): change() { log. Stream. println("Change in progress. . . "); if(!grant. Access(context. id)) throw new Unauthorized. Access. Exception(); } } Secure Systems Research Group - FAU

Aspects in security • A specialization of the aspect: public aspect Transaction. Authorization extends

Aspects in security • A specialization of the aspect: public aspect Transaction. Authorization extends Simple. Authorization { pointcut change(): within(Transaction) || within(Secure. Transaction); //. . . } Secure Systems Research Group - FAU

Conclusions • Aspects are capable abstract structures to capture cross cutting concerns such as

Conclusions • Aspects are capable abstract structures to capture cross cutting concerns such as security and can be applied to a system after it has been written. • Security concerns can be maintained in one place • Another example : track who did what on a system Non-repudiation • Currently this field is under constant expansion and it is worth to exploring its potential due its ability to encapsulate concerns Secure Systems Research Group - FAU

AOP: Aspect Oriented Programming Theserverside. com Secure Systems Research Group - FAU

AOP: Aspect Oriented Programming Theserverside. com Secure Systems Research Group - FAU

Aspect Oriented Programming Aspect Oriented Software Development AOSDAspect Oriented Programming Aspect Oriented Software Development AOSD
Aspect Oriented Programming Aspect Oriented Software Development AOSDAspect Oriented Programming Aspect Oriented Software Development AOSD
Aspect Oriented Programming Aspect Component Based Software EngineeringAspect Oriented Programming Aspect Component Based Software Engineering
Lesson 6 Aspect What is aspect Aspect isLesson 6 Aspect What is aspect Aspect is
ASPECT RATIO PAI ANELA Aspect Ratio Aspect RatioodnosASPECT RATIO PAI ANELA Aspect Ratio Aspect Ratioodnos
SECURE INTERNET SECURE GENERATIONS SECURE INTERNET SECURE GENERATIONSSECURE INTERNET SECURE GENERATIONS SECURE INTERNET SECURE GENERATIONS
CS 520 Web Programming Spring Aspect Oriented ProgrammingCS 520 Web Programming Spring Aspect Oriented Programming
Aspect Oriented Programming in Distributed Systems CSE 333Aspect Oriented Programming in Distributed Systems CSE 333
AspectOriented Programming with Aspect J Aspect J orgAspectOriented Programming with Aspect J Aspect J org
AspectOriented Programming with Aspect J Aspect J orgAspectOriented Programming with Aspect J Aspect J org
AspectOriented Programming with Aspect J the Aspect JAspectOriented Programming with Aspect J the Aspect J
Introduction to Object Oriented Programming Object Oriented ProgrammingIntroduction to Object Oriented Programming Object Oriented Programming
C Classes Object Oriented Programming Object Oriented ProgrammingC Classes Object Oriented Programming Object Oriented Programming
PENDAHULUAN Object Oriented Programming Object Oriented Programming KonsepPENDAHULUAN Object Oriented Programming Object Oriented Programming Konsep
Object Oriented Programming Lecture 2 Object Oriented ProgrammingObject Oriented Programming Lecture 2 Object Oriented Programming
OBJECT ORIENTED PROGRAMMING INTRODUCTION TO OBJECT ORIENTED PROGRAMMINGOBJECT ORIENTED PROGRAMMING INTRODUCTION TO OBJECT ORIENTED PROGRAMMING
PRINCIPLES OF OBJECT ORIENTED PROGRAMMING Procedure Oriented ProgrammingPRINCIPLES OF OBJECT ORIENTED PROGRAMMING Procedure Oriented Programming