Towards language-independent approach for security concerns weaving
In this paper, we propose an approach for weaving security concerns in the Gimple representation of programs. Gimple is an intermediate, language-independent, and tree-based representation generated by GNU Compiler Collection (GCC) during the compilation process. This proposition constitutes the fir...
محفوظ في:
| المؤلف الرئيسي: | |
|---|---|
| مؤلفون آخرون: | , |
| التنسيق: | conferenceObject |
| منشور في: |
2008
|
| الوصول للمادة أونلاين: | http://hdl.handle.net/10725/8461 https://doi.org/10.5220/0001925704600465 http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php https://www.scitepress.org/Link.aspx?doi=10.5220/0001925704600465 |
| الوسوم: |
إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
|
| الملخص: | In this paper, we propose an approach for weaving security concerns in the Gimple representation of programs. Gimple is an intermediate, language-independent, and tree-based representation generated by GNU Compiler Collection (GCC) during the compilation process. This proposition constitutes the first attempt towards adopting the aspect-oriented concept on Gimple and exploiting this intermediate representation to allow advising an application written in a specific language with security code written in a different one. At the same time, injecting security is applied in a systematic way in order not to alter the original functionalities of the software. We explore the viability and the relevance of our proposition by: (1) implementing several Gimple weaving capabilities into the GCC compiler (2) developing a case study for securing the connections of a client application and (3) using the weaving features of the extended GCC to inject the security concerns into the application. |
|---|