Database Encryption as an Aspect
2004 (English)In: AOSD'04 International Conference on Aspect-Oriented Software Development : Papers, 2004Conference paper (Refereed)
Encryption is an important method for implementing confidentiality in information systems. Unfortunately applying encryption effectively can be quite complicated. Encryption, as well as other security concerns, is also often spread out in an application making implementation difficult. This crosscutting nature of encryption makes it a potentially ideal candidate for implementation using AOP. In this article we provide an example of how database encryption was applied using AOP with AspectJ on a real-life healthcare database application. Although the attempt was promising with regards to modularity, amount of effort and security engineering, it also revealed problems related to substring queries that need to be solved to make the approach really useful.
Place, publisher, year, edition, pages
Aspect Oriented Programming, Encryption, Separation of Concern, Java, Database Management, Confidentiality, Security
IdentifiersURN: urn:nbn:se:kth:diva-5576OAI: oai:DiVA.org:kth-5576DiVA: diva2:9988
AOSD Conference 2004, Workshop AOSDSEC, March 22-26, 2004, Lancaster UK
QC 20101130. Uppdaterad från Manuskript till Konferensbidrag (20101130).2006-04-102006-04-102010-11-30Bibliographically approved