Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Database Encryption as an Aspect
KTH, Superseded Departments, Computer and Systems Sciences, DSV.
2004 (English)In: AOSD'04 International Conference on Aspect-Oriented Software Development  : Papers, 2004Conference paper, Published paper (Refereed)
Abstract [en]

Encryption is an important method for implementing confidentiality in information systems. Unfortunately applying encryption effectively can be quite complicated. Encryption, as well as other security concerns, is also often spread out in an application making implementation difficult. This crosscutting nature of encryption makes it a potentially ideal candidate for implementation using AOP. In this article we provide an example of how database encryption was applied using AOP with AspectJ on a real-life healthcare database application. Although the attempt was promising with regards to modularity, amount of effort and security engineering, it also revealed problems related to substring queries that need to be solved to make the approach really useful.

Place, publisher, year, edition, pages
2004.
Keyword [en]
Aspect Oriented Programming, Encryption, Separation of Concern, Java, Database Management, Confidentiality, Security
National Category
Information Science
Identifiers
URN: urn:nbn:se:kth:diva-5576OAI: oai:DiVA.org:kth-5576DiVA: diva2:9988
Conference
AOSD Conference 2004, Workshop AOSDSEC, March 22-26, 2004, Lancaster UK
Note
QC 20101130. Uppdaterad från Manuskript till Konferensbidrag (20101130).Available from: 2006-04-10 Created: 2006-04-10 Last updated: 2010-11-30Bibliographically approved
In thesis
1. Simplifying development of secure software: Aspects and Agile methods
Open this publication in new window or tab >>Simplifying development of secure software: Aspects and Agile methods
2006 (English)Licentiate thesis, comprehensive summary (Other scientific)
Abstract [en]

Reducing the complexity of building secure software systems is an important goal as increased complexity can lead to more security flaws. This thesis aims at helping to reduce this complexity by investigating new programming techniques and software development methods for implementing secure software. We provide case studies on the use and effects of applying Aspect-oriented software development to Confidentiality, Access Control and Quality of Service implementation. We also investigate how eXtreme Programming can be used for simplifying the secure software development process by comparing it to the security engineering standards Common Criteria and the Systems Security Engineering Capability Maturity Model. We also explore the relationship between Aspect-oriented programming and Agile software development methods, such as eXtreme Programming.

Place, publisher, year, edition, pages
Kista: Data- och systemvetenskap, 2006. 20 p.
Series
Report series / DSV, ISSN 1101-8526 ; 06-007
Keyword
AOP Security Engineering Software Engineering
National Category
Information Science
Identifiers
urn:nbn:se:kth:diva-3913 (URN)
Presentation
2006-04-26, 6405, Forum, Isafjordsgatan 39, Kista, 13:00
Opponent
Supervisors
Note
QC 20101130Available from: 2006-04-10 Created: 2006-04-10 Last updated: 2010-11-30Bibliographically approved

Open Access in DiVA

No full text

Other links

isk.kth

Search in DiVA

By author/editor
Boström, Gustav
By organisation
Computer and Systems Sciences, DSV
Information Science

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 109 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf