Miguel García, D. Llewellyn-Jones, Francisco Ortin, M. Merabti
{"title":"将方面的动态分离应用于分布式系统安全性:一个案例研究","authors":"Miguel García, D. Llewellyn-Jones, Francisco Ortin, M. Merabti","doi":"10.1049/IET-SEN.2010.0160","DOIUrl":null,"url":null,"abstract":"Distributed systems are commonly required to be flexible and scalable, as the number and arrangement of their (potentially mobile) devices may easily change. Security in distributed systems is a complex issue which can produce several problems such as eavesdropping, phishing or denial of service. To overcome these problems, there are various security measures that can be applied. This study proposes the use of dynamic aspect-oriented software development (AOSD) to implement security mechanisms in distributed systems. By applying dynamic separation of concerns using AOSD, it becomes possible to adapt the security measures of distributed systems, even when their sizes and arrangements change, without compromising global security. These changes can be applied when a distributed system is running, without requiring its execution to be stopped or interrupted. Using the dynamic and static aspect weaving AOSD platform, the authors have implemented solutions for two common security problems in distributed systems: (i) access control and data flow and (ii) encryption of transmissions. Moreover, the proposed approach has been tested in a real client-server FTP scenario. Qualitative and quantitative evaluations of both implementations are presented to estimate the pros and cons of using dynamic AOSD in the development of security measures of distributed systems.","PeriodicalId":13395,"journal":{"name":"IET Softw.","volume":"5 1","pages":"231-248"},"PeriodicalIF":0.0000,"publicationDate":"2012-07-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Applying dynamic separation of aspects to distributed systems security: A case study\",\"authors\":\"Miguel García, D. Llewellyn-Jones, Francisco Ortin, M. Merabti\",\"doi\":\"10.1049/IET-SEN.2010.0160\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Distributed systems are commonly required to be flexible and scalable, as the number and arrangement of their (potentially mobile) devices may easily change. Security in distributed systems is a complex issue which can produce several problems such as eavesdropping, phishing or denial of service. To overcome these problems, there are various security measures that can be applied. This study proposes the use of dynamic aspect-oriented software development (AOSD) to implement security mechanisms in distributed systems. By applying dynamic separation of concerns using AOSD, it becomes possible to adapt the security measures of distributed systems, even when their sizes and arrangements change, without compromising global security. These changes can be applied when a distributed system is running, without requiring its execution to be stopped or interrupted. Using the dynamic and static aspect weaving AOSD platform, the authors have implemented solutions for two common security problems in distributed systems: (i) access control and data flow and (ii) encryption of transmissions. Moreover, the proposed approach has been tested in a real client-server FTP scenario. Qualitative and quantitative evaluations of both implementations are presented to estimate the pros and cons of using dynamic AOSD in the development of security measures of distributed systems.\",\"PeriodicalId\":13395,\"journal\":{\"name\":\"IET Softw.\",\"volume\":\"5 1\",\"pages\":\"231-248\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-07-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Softw.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1049/IET-SEN.2010.0160\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Softw.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1049/IET-SEN.2010.0160","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Applying dynamic separation of aspects to distributed systems security: A case study
Distributed systems are commonly required to be flexible and scalable, as the number and arrangement of their (potentially mobile) devices may easily change. Security in distributed systems is a complex issue which can produce several problems such as eavesdropping, phishing or denial of service. To overcome these problems, there are various security measures that can be applied. This study proposes the use of dynamic aspect-oriented software development (AOSD) to implement security mechanisms in distributed systems. By applying dynamic separation of concerns using AOSD, it becomes possible to adapt the security measures of distributed systems, even when their sizes and arrangements change, without compromising global security. These changes can be applied when a distributed system is running, without requiring its execution to be stopped or interrupted. Using the dynamic and static aspect weaving AOSD platform, the authors have implemented solutions for two common security problems in distributed systems: (i) access control and data flow and (ii) encryption of transmissions. Moreover, the proposed approach has been tested in a real client-server FTP scenario. Qualitative and quantitative evaluations of both implementations are presented to estimate the pros and cons of using dynamic AOSD in the development of security measures of distributed systems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
