Treffer: Capturing Returned Computable Values in AspectJ for Security Hardening.

The main contribution of this paper is to present an extension to AspectJ compiler ajc-1.5.0 for security hardening. The extension consists of two pointcuts that can capture the returned computable values of methods in both the execution scope and following a method invocation. The returned values in programs are the results of operations done in the execution scope of methods. They are significant for the intra- and inter-procedural dataflow analysis where they represent the context transitivity between the caller and the called methods in a given program. Any misuse of them can allow the reflection of important data and the disclosure of secret information. Moreover, any alteration of these values can violate the integrity of programs and conduct to their misbehavior. In this paper, we detail the design and the implementation of these two pointcuts. Finally, we present a case study to demonstrate how the data integrity property can be satisfied in distributed systems using the newly implemented pointcuts. [ABSTRACT FROM AUTHOR]

Copyright of Information Security Journal: A Global Perspective is the property of Taylor & Francis Ltd and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Volltext ist im Gastzugang nicht verfügbar. Melden Sie sich für Vollzugriff an.