Doctor en Ciencias, Mención ComputaciónIt is inevitable that some concerns crosscut a sizable application, resulting in code scattering and tangling. This issue is particularly severe for security-related concerns: it is difficult to be confident about the security of an application when the implementation of its security related concerns is scattered all over the code and tangled with other concerns, making global reasoning about security precarious. In this thesis work, we consider the case of access control, a cornerstone of every security architecture, which turns out to be a crosscutting concern with a non-modular implementation based on runtime stack inspection in mainstream languages such as Java and C#. We make use of aspect orient...
The paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR...
Addressing security in the software development lifecycle still is an open issue today, especially i...
The paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR...
Doctor en Ciencias, Mención ComputaciónIt is inevitable that some concerns crosscut a sizable applic...
Artículo de publicación ISIIt is inevitable that some concerns crosscut a sizeable application, resu...
Organizations define and enforce AC policies to protect sensitive information resources. The policy ...
Ideally, the enforcement of application-specific policies in an access control service should be unt...
Abstract. Encapsulation is one of the most important features of object-oriented programming. Reduci...
Affecting multiple parts in software systems, security requirements often tangle with functional req...
Abstract. Extensible Component Platforms support the discovery, in-stallation, starting, uninstallat...
In this paper we study security in component-based software applications by looking at information l...
Application-level security has become an issue in recent years; for example, errors, discrepancies a...
Modern-day imperative programming languages such as C++, C# and Java offer protection facilities suc...
International audienceAccess control is a central issue among the overall security goals of informat...
Class-based languages, such as Java and C#, implement encapsulation via access modifiers on classes,...
The paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR...
Addressing security in the software development lifecycle still is an open issue today, especially i...
The paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR...
Doctor en Ciencias, Mención ComputaciónIt is inevitable that some concerns crosscut a sizable applic...
Artículo de publicación ISIIt is inevitable that some concerns crosscut a sizeable application, resu...
Organizations define and enforce AC policies to protect sensitive information resources. The policy ...
Ideally, the enforcement of application-specific policies in an access control service should be unt...
Abstract. Encapsulation is one of the most important features of object-oriented programming. Reduci...
Affecting multiple parts in software systems, security requirements often tangle with functional req...
Abstract. Extensible Component Platforms support the discovery, in-stallation, starting, uninstallat...
In this paper we study security in component-based software applications by looking at information l...
Application-level security has become an issue in recent years; for example, errors, discrepancies a...
Modern-day imperative programming languages such as C++, C# and Java offer protection facilities suc...
International audienceAccess control is a central issue among the overall security goals of informat...
Class-based languages, such as Java and C#, implement encapsulation via access modifiers on classes,...
The paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR...
Addressing security in the software development lifecycle still is an open issue today, especially i...
The paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR...