Section 27.1. INTRODUCTION

Previous page
Table of content
Next page

27.1. INTRODUCTION

Invariably, developing a real-life application demands that we consider both functional (i.e., related to the application business logic) and non-functional requirements. Separating the development of different requirements has important advantages in system evolution: As such requirements originate from different concerns (and very often from different stake-holders), they may cause different reiterations over various parts of the software life cycle. Successful separation of concerns thus leads to ease of development, maintenance, and potential reuse. State-of-the-art software techniques already support separating concerns, for instance, by using method structuring, clean object-oriented programming, and design patterns. However, these techniques are insufficient for more complex modularization problems. A major cause for this limitation is the inherently forced focus of these techniques on one view of the problem; they lack the ability to approach the problem from different viewpoints simultaneously. The net result is that conventional modularization techniques are unable to fully separate crosscutting concerns.

Aspect-oriented programming (AOP) is an approach that provides more advanced modularization techniques. The main characteristic of this technology is the ability to specify both the behavior of one individual concern and the way this behavior is related to other concerns (the binding). In fact, AOP has become a general term to denote several approaches to providing such development functionality. One prominent tool in this space is AspectJ [19]. AspectJ extends Java with mechanisms for expressing advanced modularization capabilities. In AspectJ, a unit of modularization is called an aspect, and a unit of binding is a pointcut.

This chapter reports the experience of developing security solutions for application software using AspectJ. We highlight both the advantages of aspect technology and remaining open challenges. The chapter is structured as follows: Section 27.2 briefly introduces the domain of application security. Section 27.3 covers two of the several case studies that we have developed. Section 27.4 evaluates AOP technology on the basis of our experience. We compare our work with alternative approaches to engineering application-specific security in Section 27.5, and we conclude in Section 27.6.


Previous page
Table of content
Next page
Aspect-Oriented Software Development
Aspect-Oriented Software Development with Use Cases
ISBN: 0321268881
EAN: 2147483647
Year: 2003
Pages: 307
Authors: Ivar Jacobson, Pan-Wei Ng
BUY ON AMAZON
Software Configuration Management
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
File System Forensic Analysis
802.11 Wireless Networks: The Definitive Guide, Second Edition
The Lean Six Sigma Pocket Toolbook. A Quick Reference Guide to Nearly 100 Tools for Improving Process Quality, Speed, and Complexity
Cultural Imperative: Global Trends in the 21st Century
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy