Towards language-independent approach for security concerns weaving
In this paper, we propose an approach for weaving security concerns in the Gimple representation of programs. Gimple is an intermediate, language-independent, and tree-based representation generated by GNU Compiler Collection (GCC) during the compilation process. This proposition constitutes the fir...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | , |
| Format: | conferenceObject |
| Published: |
2008
|
| Online Access: | http://hdl.handle.net/10725/8461 https://doi.org/10.5220/0001925704600465 http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php https://www.scitepress.org/Link.aspx?doi=10.5220/0001925704600465 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | In this paper, we propose an approach for weaving security concerns in the Gimple representation of programs. Gimple is an intermediate, language-independent, and tree-based representation generated by GNU Compiler Collection (GCC) during the compilation process. This proposition constitutes the first attempt towards adopting the aspect-oriented concept on Gimple and exploiting this intermediate representation to allow advising an application written in a specific language with security code written in a different one. At the same time, injecting security is applied in a systematic way in order not to alter the original functionalities of the software. We explore the viability and the relevance of our proposition by: (1) implementing several Gimple weaving capabilities into the GCC compiler (2) developing a case study for securing the connections of a client application and (3) using the weaving features of the extended GCC to inject the security concerns into the application. |
|---|