Sciweavers

AOSD
2009
ACM

Enforcing security for desktop clients using authority aspects

14 years 7 months ago
Enforcing security for desktop clients using authority aspects
Desktop client applications interact with both local and remote resources. This is both a benefit in terms of the rich features desktop clients can provide, but also a security risk. Due to their high connectivity, desktop clients can leave a user’s machine vulnerable to viruses, malicious plug-ins, and scripts. Aspect-Oriented Software Development can be used to address security concerns in software in a modular fashion. However, most existing research focuses on the protection of server-side resources. In this paper we introduce an aspect-oriented mechanism, Authority Aspects, to enforce the Principle of Least Privilege on desktop clients. This helps to ensure that legitimate resource access is allowed and illegitimate access is blocked. We present a case study applying our approach on two desktop applications: an RSS feed aggregator and a Web browser. Categories and Subject Descriptors D.2.13 [SOFTWARE ENGINEERING]: Reusable Software; K.6.5 [MANAGEMENT OF COMPUTING AND INFORMATI...
Brett Cannon, Eric Wohlstadter
Added 19 May 2010
Updated 19 May 2010
Type Conference
Year 2009
Where AOSD
Authors Brett Cannon, Eric Wohlstadter
Comments (0)