Aspect-oriented Secure Software Modeling
Object Oriented Programming (OOP) [1] uses encapsulation and abstraction through class that captures both functionality and behavior and internal structure. In the software system development, besides the basic functionality, there are another concerns as synchronization, distribution, logging, error handling, security management, etc. If each one of these concerns are processed independently from the remaining part of the system, the adaptability, extensibility and reusability of the system would be increased, resulting in quality software being developed. To achieve this objective it is necessary that each one of these concerns being modulated inside the system. This fact assumes …show more content…
The concepts that have been introduced by Kiczales and his research group, Aspect, Join Point, Crosscutting concerns and Weaving, constitute the core of AOP. The evolution of the Aspect-Oriented paradigm has progressed from programming towards the analysis and the design. The Aspect-Oriented Software Development (AOSD) [3] emerges naturally to promote the goal of the early separation of concerns from the implementation level towards other software development process phases, including the specification, analysis and design requirements. The Aspects-Oriented technology premise is the division of crosscutting concerns, where certain design requirements tend to cross the central functional entities group. However, some research groups have worked to introduce the use of linguistic divider mechanisms to modulate and compose crosscutting concerns, being summed up in different approaches: Adaptive Programming-AP, Composition Filters-CF, Subject-Oriented Programming-SOP and Multi-Dimensional Separation of Concerns –MDSoC. The AOP and these methods belong to a bigger research field known as Advanced Separation of Concerns-ASoC [4]. The methods related with ASoC propose different and assorted …show more content…
The concerns that (at the design or implementation phases) are spread over several modular units (crossing the limits of these units) are named crosscutting-concerns. This crosscutting complicates the development activities, the evolution, and the maintenance of the software. For this reason, a special modular unit that contains the crosscutting-concerns (known as aspects) was proposed in [1]. With regard to Secure Software Architecture (SSA), the aspects involved are called early security aspects [2]. The identification of early security aspects may ensure that appropriate decisions are made at early stage of the software development. However, the techniques to The handling of security-critical aspects at an architectural level still is in