Title :
Cross-Language Weaving Approach Targeting Software Security Hardening
Author :
Mourad, Azzam ; Alhadidi, Dima ; Debbabi, Mourad
Author_Institution :
Comput. Security Lab., Concordia Univ., Montreal, QC
Abstract :
In this paper, we propose an approach for systematic security hardening of software based on aspect-oriented programming and Gimple language. We also present the first steps towards a formal specification for Gimple weaving together with the implementation methodology of the proposed weaving semantics. The primary contribution of this approach is providing the software architects with the capabilities to perform systematic security hardening by applying well-defined solutions and without the need to have expertise in the security solution domain. We explore the viability of our propositions by realizing the weaving semantics for Gimple by implementing it into the GCC compiler and applying our methodologies for systematic security hardening to develop a case study for securing the connections of client applications together with experimental results.
Keywords :
formal specification; object-oriented programming; security of data; software architecture; Gimple language; aspect-oriented programming; cross-language weaving; formal specification; software architects; software security hardening; Application software; Computer security; Information security; Information systems; Laboratories; Open source software; Privacy; Software performance; Systems engineering and theory; Weaving;
Conference_Titel :
Privacy, Security and Trust, 2008. PST '08. Sixth Annual Conference on
Conference_Location :
Fredericton, NB
Print_ISBN :
978-0-7695-3390-2
DOI :
10.1109/PST.2008.22
