Dynamic Deployment and Monitoring of Security Policies

INTER-TRUST is a framework for the specification, negotiation, deployment and dynamic adaptation of interoperable security policies, in the context of pervasive systems where devices are constantly exchanging critical information through the network. The dynamic adaptation of the security policies at runtime is addressed using Aspect- Oriented Programming (AOP) that allows enforcing security requirements by dynamically weaving security aspects into the applications. However, a mechanism to guarantee the correct adaptation of the functionality that enforces the changing security policies is needed. In this paper, we present an approach with monitoring and detection techniques in order to maintain the correlation between the security policies and the associated functionality deployed using AOP, allowing the INTERTRUST framework automatically reacts when needed.European Union INTER-TRUST FP7-317731Ministerio de Economía y Competitividad TIN2012-34840Junta de Andalucía FamiWare P09-TIC-5231Junta de Andalucía MAGIC P12-TIC181

Multi-purpose infrastructure for delivering and supporting mobile context-aware applications

The use of contextual information in mobile devices is receiving increasing attention in mobile and ubiquitous computing research. An important requirement for mobile development today is that devices should be able to interact with the context. In this paper we present a series of contributions regarding previous work on context-awareness. In the first place, we describe a client-server architecture that provides a mechanism for preparing target non context-aware applications in order to be delivered as context-aware applications in a semi-automatic way. Secondly, the framework used in the server to instantiate specific components for context-awareness, the Implicit Plasticity Framework, provides independence from the underlying mobile technology used in client device, as it is shown in the case studies presented. Finally, proposed infrastructure deals with the interaction among different context constraints provided by diverse sensors. All of these contributions are extensions to the infrastructure based on the Dichotomic View of plasticity, which now offers multi-purpose support

Early aspects: aspect-oriented requirements engineering and architecture design

This paper reports on the third Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design Workshop, which has been held in Lancaster, UK, on March 21, 2004. The workshop included a presentation session and working sessions in which the particular topics on early aspects were discussed. The primary goal of the workshop was to focus on challenges to defining methodical software development processes for aspects from early on in the software life cycle and explore the potential of proposed methods and techniques to scale up to industrial applications

Using Probabilistic Temporal Logic PCTL and Model Checking for Context Prediction

Context prediction is a promoting research topic with a lot of challenges and opportunities. Indeed, with the constant evolution of context-aware systems, context prediction remains a complex task due to the lack of formal approach. In this paper, we propose a new approach to enhance context prediction using a probabilistic temporal logic and model checking. The probabilistic temporal logic PCTL is used to provide an efficient expressivity and a reasoning based on temporal logic in order to fit with the dynamic and non-deterministic nature of the system's environment. Whereas, the probabilistic model checking is used for automatically verifying that a probabilistic system satisfies a property with a given likelihood. Our new approach allows a formal expressivity of a multidimensional context prediction. Tested on real data our model was able to achieve 78% of the future activities prediction accuracy

Towards an aspect weaving BPEL engine

This position paper proposes the use of dynamic aspects and the visitor design pattern to obtain a highly configurable and extensible BPEL engine. Using these two techniques, the core of this infrastructural software can be customised to meet new requirements and add features such as debugging, execution monitoring, or changing to another Web Service selection policy. Additionally, it can easily be extended to cope with customer-specific BPEL extensions. We propose the use of dynamic aspects not only on the engine itself but also on the workflow in order to tackle the problems of Web Service hot deployment and hot fixes to long running processes. In this way, composing aWeb Service "on-the-fly" means weaving its choreography interface into the workflow

Architecting Secure Software Systems Using an Aspect-Oriented Approach: : A Survey of Current Research

The importance of security in the development of complex software systems has increasingly become more critical as software becomes increasingly more pervasive in our everyday lives. Aspect-orientation has been proposed as a means to handle the crosscutting nature of security requirements when developing, designing and implementing security-critical applications. This paper surveys some of the approaches and contributions of integrating an aspect-oriented approach into designing and implementing secure software systems

Unwoven Aspect Analysis

Various languages and tools supporting advanced separation of concerns (such as aspect-oriented programming) provide a software developer with the ability to separate functional and non-functional programmatic intentions. Once these separate pieces of the software have been specified, the tools automatically handle interaction points between separate modules, relieving the developer of this chore and permitting more understandable, maintainable code. Many approaches have left traditional compiler analysis and optimization until after the composition has been performed; unfortunately, analyses performed after composition cannot make use of the logical separation present in the original program. Further, for modular systems that can be configured with different sets of features, testing under every possible combination of features may be necessary and time-consuming to avoid bugs in production software. To solve this testing problem, we investigate a feature-aware compiler analysis that runs during composition and discovers features strongly independent of each other. When the their independence can be judged, the number of feature combinations that must be separately tested can be reduced. We develop this approach and discuss our implementation. We look forward to future programming languages in two ways: we implement solutions to problems that are conceptually aspect-oriented but for which current aspect languages and tools fail. We study these cases and consider what language designs might provide even more information to a compiler. We describe some features that such a future language might have, based on our observations of current language deficiencies and our experience with compilers for these languages

Aspect-oriented model-driven code generation approach for improving code reusability and maintainability

Software development teams always need methods that can help in producing high-quality software with reduced development effort and delivery time. Model-Driven Engineering (MDE) as well as Aspect-Oriented Software Development (AOSD) techniques help in reducing the delivery time, and also positively contribute to quality of the produced software. Through the use of AOSD techniques in combination with MDE, an integration of excellent abstraction mechanisms of MDE and capabilities of AOSD with regards to modularity and composition of concerns can be perceived, which is expected to enhance the positive effects of both techniques. To this end, different integration approaches have appeared in literature, but aspect-oriented code generation has advantages over the other approaches. Consequently, a number of aspect-oriented code generation approaches have been offered, but all such approaches lack several features mandatory to materialize a workable integration of aspect technologies in the context of MDE. To address these issues, this research was conducted to present an approach for aspect-oriented model-driven code generation, which focuses on elaborating the conceptual relationship between design models and the implementation code, and exploits the same to obtain aspect-oriented code that is more reusable and maintainable. The key outcomes of this research are the elaboration of the conceptual mappings between elements of visual design and constructs of the code, mapping of the visual models to implementation-specific text-based models, and a technique for generation of aspect-oriented code. The applicability of the proposed approach is shown by the use of case studies, whereas the quality of the approach is measured using reusability and maintainability metrics. A comparison of the proposed approach with existing approaches substantiates its efficacy in terms of reusability and maintainability of code, showing an outperformance of other approaches by the proposed approach against 78% of the employed quality metrics