Security for Distributed Web-Applications via Aspect-Oriented Programming

TL;DR

This paper introduces a modular security approach for distributed web applications using aspect-oriented programming, enabling system security without source code modification and incorporating industry standards like Liberty Alliance and hardware tokens.

Contribution

It presents a novel security module that integrates with existing systems via aspect-oriented programming, facilitating flexible authentication and authorization without source code access.

Findings

Successful integration with existing systems using AspectJ

Implementation of single sign-on with Liberty Alliance framework

Use of hardware tokens and proactive computing demonstrated

Abstract

Identity Management is becoming more and more important in business systems as they are opened for third parties including trading partners, consumers and suppliers. This paper presents an approach securing a system without any knowledge of the system source code. The security module adds to the existing system authentication and authorisation based on aspect oriented programming and the liberty alliance framework, an upcoming industrie standard providing single sign on. In an initial training phase the module is adapted to the application which is to be secured. Moreover the use of hardware tokens and proactive computing is demonstrated. The high modularisation is achived through use of AspectJ, a programming language extension of Java.