An aspect-oriented security framework

The security of a software system is an attribute that permeates the whole system. As such, any attempt to address security concerns in a software system must, of necessity, be global in nature, and security solutions must be applied consistently at every relevant location. One way of achieving these objectives is by separating out security concerns from the rest of the application issues, such that they can be addressed independently and applied globally. A methodology that would encompass these two high-level goals: separation of security concerns and consistent implementation of security solutions, would pave the road towards secure applications. To implement such a methodology, we chose to use the aspect-oriented programming (AOP) paradigm. AOP is a relatively new programming model that enables the separation of cross-cutting concerns while remaining easy to use and integrating well with the development process. We describe a framework, based on the AOP model, for implementing security solutions in a globally consistent manner such that security concerns are modularized.