SoBeNeT Project DistriNet status report Bart De Win Wouter Joosen Frank Piessens June 25, 2004.

Slides:



Advertisements
Similar presentations
Formal Language, chapter 4, slide 1Copyright © 2007 by Adam Webber Chapter Four: DFA Applications.
Advertisements

Software Engineering Implementation Lecture 3 ASPI8-4 Anders P. Ravn, Feb 2004.
Programming Languages and Paradigms
Concurrency Important and difficult (Ada slides copied from Ed Schonberg)
Aspect Oriented Programming. AOP Contents 1 Overview 2 Terminology 3 The Problem 4 The Solution 4 Join point models 5 Implementation 6 Terminology Review.
Decorator Pattern Applied to I/O stream classes. Design Principle Classes should be open for extension, but closed for modification –Apply the principle.
Lecture 27 Exceptions COMP1681 / SE15 Introduction to Programming.
Reseach in DistriNet (department of computer science, K.U.Leuven) General overview and focus on embedded systems task-force.
George Blank University Lecturer. CS 602 Java and the Web Object Oriented Software Development Using Java Chapter 4.
The DiPS+ software architecture for self-healing protocol stacks Sam Michiels, Lieven Desmet, Wouter Joosen and Pierre Verbaeten.
Portable Support for Transparent Thread Migration in Java Eddy Truyen, Bert Robben, Bart Vanhaute, Tim Coninx, Wouter Jousen and Pierre Verbaeten Department.
Java Exceptions. Intro to Exceptions  What are exceptions? –Events that occur during the execution of a program that interrupt the normal flow of control.
Aspect-Oriented Software Development (AOSD) Tutorial #8 Composition Filters.
Aspect-Oriented Software Development (AOSD) Tutorial #2 AspectJ Basics.
SOS OOP Fall 2001 Object Oriented Programming in Java Week 1 Read a design Design a small program Extract a design Run a VAJ program Change that program,
Aspect-Oriented Software Development (AOSD) Tutorial #3 AspectJ - continued.
Java Exceptions. Intro to Exceptions  What are exceptions? –Events that occur during the execution of a program that interrupt the normal flow of control.
1 Model Interface Implementation for Two-Way Obliviousness in Aspect-Oriented Modeling Presented by Wuliang Sun Department of Computer Science Baylor University.
A Formal Model of Modularity in Aspect-Oriented Programming Jonathan Aldrich : Objects and Aspects Carnegie Mellon University.
CS2110 Recitation Week 8. Hashing Hashing: An implementation of a set. It provides O(1) expected time for set operations Set operations Make the set empty.
Principles of Computer Programming (using Java) Review Haidong Xue Summer 2011, at GSU.
Introduction to Aspect- Oriented Programming CS 3360 Gregor Kiczales, et. al. Getting started with AspectJ, CACM, 44(10):59-65, October Fall 2012.
Chapter 13 Exception Handling F Claiming Exceptions F Throwing Exceptions F Catching Exceptions F Rethrowing Exceptions  The finally Clause F Cautions.
Developing Adaptive J2ME Applications Using AspectJ Ayla Débora and Paulo Borba {add, Centro de Informática - UFPE.
Tuesday October 25, 2005 SoBeNeT project User group meeting 25/10/2005.
Aspect Oriented Programming Razieh Asadi University of Science & Technology Mazandran Babol Aspect Component Based Software Engineering (ACBSE)
Supporting Object Mobility Wouter Joosen, Frank Matthijs, Bert Robben, Eddy Truyen, Bart Vanhaute DistriNet Lab ~xenoops/CORRELATE.
Prepared by : A.Alzubair Hassan Kassala university Dept. Computer Science Lecture 2 I/O Streams 1.
An Introduction to Java Chapter 11 Object-Oriented Application Development: Part I.
The Java Programming Language
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 32 Slide 1 Aspect-oriented Software Development 1.
Modularizing Web Services Management with AOP María Agustina Cibrán, Bart Verheecke { Maria.Cibran, System and Software Engineering.
SoBeNeT User Group meeting Part II Wouter Joosen October
Chapter 9 1 Chapter 9 – Part 1 l Overview of Streams and File I/O l Text File I/O l Binary File I/O l File Objects and File Names Streams and File I/O.
KATHOLIEKE UNIVERSITEIT LEUVEN 1 Run time enforcement of security policies on the.NET framework Frank Piessens Joint work with many people including Lieven.
Partitioning Patterns How to partition complex actors and concepts into multiple classes. Layered Initialization Filter Composite.
AOP-1 Aspect Oriented Programming. AOP-2 Aspects of AOP and Related Tools Limitation of OO Separation of Concerns Aspect Oriented programming AspectJ.
Design.ppt1 Top-down designs: 1. Define the Problem IPO 2. Identify tasks, Modularize 3. Use structure chart 4. Pseudocode for Mainline 5. Construct pseudocode.
1 An Aspect-Oriented Implementation Method Sérgio Soares CIn – UFPE Orientador: Paulo Borba.
Introduction to Java Lecture Notes 3. Variables l A variable is a name for a location in memory used to hold a value. In Java data declaration is identical.
Topic 1 Object Oriented Programming. 1-2 Objectives To review the concepts and terminology of object-oriented programming To discuss some features of.
Subsystems: Improved exception handling for Java (DRAFT) Bart Jacobs, Frank Piessens.
Software Maintenance Speaker: Jerry Gao Ph.D. San Jose State University URL: Sept., 2001.
JAVA PROGRAMMING PART III. METHOD STATEMENT Form of method statement [ ] [static] ( [ ]) { } Example public static void main(String args[])
CreatingClasses-SlideShow-part31 Creating Classes part 3 Barb Ericson Georgia Institute of Technology Dec 2009.
UDI Advanced Topics DMA and Interrupts Robert Lipe UDI Development Team Lead
Programmeren 1 6 september 2010 HOORCOLLEGE 2: INTERACTIE EN CONDITIES PROGRAMMEREN 1 6 SEPTEMBER 2009 Software Systems - Programming - Week.
COM S 228 Introduction to Data Structures Instructor: Ying Cai Department of Computer Science Iowa State University Office: Atanasoff.
Applying Aspect-Orientation in Designing Security Systems Shu Gao Florida International University Center for Advanced Distributed Systems Engineering.
David Evans CS201j: Engineering Software University of Virginia Computer Science Lecture 9: Designing Exceptionally.
Introduction to Aspect- Oriented Programming CS 3360 Gregor Kiczales, et. al. Getting started with AspectJ, CACM, 44(10):59-65, October Spring 2012.
Topic 1 Object Oriented Programming. 1-2 Objectives To review the concepts and terminology of object-oriented programming To discuss some features of.
CSC450 Software Engineering Devon M. Simmonds University of North Carolina, Wilmington 1.
IWFST'2005, Shanghai Testing Aspect-Oriented Programs: Challenges and Opportunities Jianjun Zhao Department of Computer Science and Engineering Shanghai.
1 Introduction to Computer Science for Majors II CPSC 233, Winter 2013 CPSC 233, winter 2013 Tutorial 7, Feb 6/7, 2013.
Puzzle 2 1  what does the following program print? public class Puzzle02 { public static void main(String[] args) { final long MICROS_PER_DAY = 24 * 60.
OOP in Java : © W. Milner 2005 : Slide 1 Java and OOP Part 3 – Extending classes.
Towards Preserving Correctness in Self-Managed Software Systems Lieven Desmet – Nico Janssens – Sam Michiels Frank Piessens – Wouter Joosen – Pierre Verbaeten.
1 An AOP Implementation Framework for Extending Join Point Models Naoyasu Ubayashi(Kyushu Institute of Technology, Japan) Hidehiko Masuhara(University.
// Increment i i += 1; // Restart timer this->start(Cycles::rdtsc() + clock->updateIntervalCycles); updater->start(0); // Start immediately. CS 190 Lecture.
Unified Modeling Language (UML)
Cs205: engineering software university of virginia fall 2006 Programming Exceptionally David Evans
Enabling Control over Adaptive Program Transformation for Dynamically Evolving Mobile Software Validation Mike Jochen, Anteneh Anteneh, Lori Pollock University.
CSE 2341 Object Oriented Programming with C++ Note Set #4
Protecting C and C++ programs from current and future code injection attacks Yves Younan, Wouter Joosen and Frank Piessens DistriNet Department of Computer.
Advanced Programming Practice Questions Advanced Programming. All slides copyright: Chetan Arora.
RealTimeSystems Lab Jong-Koo, Lim
Information and Computer Sciences University of Hawaii, Manoa
Architectural Patterns for Interactive Software
Sadalage & Fowler (Amazon)
Presentation transcript:

SoBeNeT Project DistriNet status report Bart De Win Wouter Joosen Frank Piessens June 25, 2004

SoBeNeT - DistriNet status reportBart De Win 2 DistriNet research group Open, distributed object support platforms for advanced applications Task forces: –Networking –Multi-agent systems –Embedded systems –Language technology and middleware –Security

SoBeNeT - DistriNet status reportBart De Win 3 Project involvement Tracks –Track 1: programming and composition –Track 2: software engineering Members –Wouter Joosen, Frank Piessens, Pierre Verbaeten, Bart De Win, Eddy Truyen, Tine Verhanneman, Lieven Desmet, Bart Jacobs, Bert Lagaisse, Liesje Demuynck, Yves Younan

SoBeNeT - DistriNet status reportBart De Win 4 Current activities: track 1 Security vulnerabilities –Programming language, architecture, classification Case Studies –CRM, e-banking, e-health Solution techniques –Inventory: ACM survey paper –Programming language: C(++), Java, Spec# Complex composition –Doctoral work (Bart, Eddy, Tine)

SoBeNeT - DistriNet status reportBart De Win 5 Current activities: track 2 Security requirements –Functional vs. technological vs. quality Technology study –CC, STRIDE, CMM, ISO17799, … ECOOP tutorial (TS1)

Engineering application-level security through AOSD Highlights of a Ph.D. dissertation

SoBeNeT - DistriNet status reportBart De Win 7 Security is Pervasive Application-level security is crosscutting in location /** Current 64 byte block to process */ private byte[] currentBlock = new byte[64] ; /** Constructor. */ public MD5(){ super("MD5") ; engineReset() ; } // *********************** // JCA JAVA ENGINE METHODS // *********************** /** Method to reset the MD5 engine. */ public void engineReset(){ count = 0 ; state[0] = 0x ; state[1] = 0xefcdab89 ; state[2] = 0x98badcfe ; state[3] = 0x ; } /** Method to add a byte to the current message. input : the byte to append to the current message. */ public void engineUpdate(byte input){ //append byte to currentBlock currentBlock[(int)(count & 63)] = input ; //count&63 = count%64 //if currentBlock full => process if ((int)(count & 63) == 63){ //whole block => process MD5Transform() ; } //and update internal state (count) count++ ; } /** Method to add a byte array to the current message. buf : the bytearray to append to the current message. offset : the offset to start from appending the bytearray to the current message. len : the length of the message to append to the current message. */ public void engineUpdate(byte[] buf, int offset, int len){ //FIRST : process first part of buffer until no more or full block //calculate number of bytes that fit in current block int no = java.lang.Math.min(len, 64 - (int)(count&63)) ; System.arraycopy(buf, offset, currentBlock, (int)(count&63), no) ; count += no ; len -= no ; offset += no ; } /** Method to calculate the digest of the current message. *After calculation, the engine is reset. returns the message digest in a bytearray. */ public byte[] engineDigest(){ //calculate correct number of bits in total message long origMsgCount = count << 3 ; //append padding bits engineUpdate((byte)128) ; // append byte " " while (((int)(count & 63)) != 56){ engineUpdate((byte)0) ; //append byte 0 until 56 mod 64 } //append length (big endian) int[] cnt = new int[2] ; cnt[0] = (int) (origMsgCount & 0xffffffff) ; cnt[1] = (int) (origMsgCount >> 32) ; intToByte(currentBlock, 56, cnt, 0, 8) ; //process last block MD5Transform() ; //return digest byte[] result = new byte[16] ; intToByte(result, 0, state, 0, 16) ; //reset the engine for JCA compatibility engineReset() ; return result ; } /** Method to calculate the digest of the current message. *After calculation, the engine is reset. buf : the byte array in which the digest is put. offset : the offset from where the digest is put in the bytearray. len : the length of free space in the bytearray. returns the length of the messagedigest. */ public int engineDigest(byte[] buf, int offset, int len) throws DigestException { //if not enough space in buf, return if (len < 16) throw new DigestException("Buffer too small.") ; //calculate digest, copy into buf and return byte[] result = engineDigest() ; System.arraycopy(result, 0, buf, offset, result.length) ; return result.length ; } /* Method to get the length of a digest. } public class MD5Test { public static void main(String[] args){ MessageDigest digest = null ; Security.addProvider(new DistriNet()) ; try{ digest = MessageDigest.getInstance("MD5", "Distrinet") ; } catch(Exception e){ e.printStackTrace() ; System.exit(1) ; } digest.update(args[0].getBytes()) ; System.out.println("Input : " + formatBin2Hex(args[0].getBytes(), 16, 2) +"\n" ) ; System.out.println("Digest : " + formatBin2Hex(digest.digest(), 16, 2) +"\n" ) ; int m = ( n % s1 ); for ( int i = m ; i < s1 ; i++ ) { if ( ( i % s2 ) == 0 ) result += " "; result += " "; ascii += " "; } if ( m > 0 ) { result += " [" + ascii + "]\r\n"; } return result; } private static String _hexmap = " abcdef"; private static String _int2hex ( long i, int n ) { String result = ""; for ( int j = 0 ; j < n ; j++ ) { int m = (int)(i & (long)0xf); }

SoBeNeT - DistriNet status reportBart De Win 8 /** Current 64 byte block to process */ private byte[] currentBlock = new byte[64] ; /** Constructor. */ public MD5(){ super("MD5") ; engineReset() ; } // *********************** // JCA JAVA ENGINE METHODS // *********************** /** Method to reset the MD5 engine. */ public void engineReset(){ count = 0 ; state[0] = 0x ; state[1] = 0xefcdab89 ; state[2] = 0x98badcfe ; state[3] = 0x ; } /** Method to add a byte to the current message. input : the byte to append to the current message. */ public void engineUpdate(byte input){ //append byte to currentBlock currentBlock[(int)(count & 63)] = input ; //count&63 = count%64 //if currentBlock full => process if ((int)(count & 63) == 63){ //whole block => process MD5Transform() ; } //and update internal state (count) count++ ; } /** Method to add a byte array to the current message. buf : the bytearray to append to the current message. offset : the offset to start from appending the bytearray to the current message. len : the length of the message to append to the current message. */ public void engineUpdate(byte[] buf, int offset, int len){ //FIRST : process first part of buffer until no more or full block //calculate number of bytes that fit in current block int no = java.lang.Math.min(len, 64 - (int)(count&63)) ; System.arraycopy(buf, offset, currentBlock, (int)(count&63), no) ; count += no ; len -= no ; offset += no ; } /** Method to add a byte array to the current message. buf : the bytearray to append to the current message. offset : the offset to start from appending the bytearray to the current message. len : the length of the message to append to the current message. */ public void engineUpdate(byte[] buf, int offset, int len){ //FIRST : process first part of buffer until no more or full block //calculate number of bytes that fit in current block int no = java.lang.Math.min(len, 64 - (int)(count&63)) ; System.arraycopy(buf, offset, currentBlock, (int)(count&63), no) ; count += no ; len -= no ; offset += no ; } public class MD5Test { public static void main(String[] args){ MessageDigest digest = null ; Security.addProvider(new DistriNet()) ; try{ digest = MessageDigest.getInstance("MD5", "Distrinet") ; } catch(Exception e){ e.printStackTrace() ; System.exit(1) ; } digest.update(args[0].getBytes()) ; System.out.println("Input : " + formatBin2Hex(args[0].getBytes(), 16, 2) +"\n" ) ; System.out.println("Digest : " + formatBin2Hex(digest.digest(), 16, 2) +"\n" ) ; int m = ( n % s1 ); } public class MD5Test { public static void main(String[] args){ MessageDigest digest = null ; Security.addProvider(new DistriNet()) ; try{ digest = MessageDigest.getInstance("MD5", "Distrinet") ; } catch(Exception e){ e.printStackTrace() ; System.exit(1) ; } digest.update(args[0].getBytes()) ; System.out.println("Input : " + formatBin2Hex(args[0].getBytes(), 16, 2) +"\n" ) ; System.out.println("Digest : " + formatBin2Hex(digest.digest(), 16, 2) +"\n" ) ; int m = ( n % s1 ); for ( int i = m ; i < s1 ; i++ ) { if ( ( i % s2 ) == 0 ) result += " "; result += " "; ascii += " "; } if ( m > 0 ) { result += " [" + ascii + "]\r\n"; } return result; } private static String _hexmap = " abcdef"; private static String _int2hex ( long i, int n ) { String result = ""; for ( int j = 0 ; j < n ; j++ ) { int m = (int)(i & (long)0xf); } public class MD5Test { public static void main(String[] args){ MessageDigest digest = null ; Security.addProvider(new DistriNet()) ; try{ digest = MessageDigest.getInstance("MD5", "Distrinet") ; } catch(Exception e){ e.printStackTrace() ; System.exit(1) ; } digest.update(args[0].getBytes()) ; System.out.println("Input : " + int m = ( n % s1 ); for ( int i = m ; i < s1 ; i++ ) { if ( ( i % s2 ) == 0 ) result += " "; result += " "; ascii += " "; } if ( m > 0 ) { result += " [" + ascii + "]\r\n"; } return result; } private static String _hexmap = " abcdef"; private static String _int2hex ( long i, int n ) { String result = ""; for ( int j = 0 ; j < n ; j++ ) { int m = (int)(i & (long)0xf); } public class MD5Test { public static void main(String[] args){ MessageDigest digest = null ; Security.addProvider(new DistriNet()) ; try{ digest = MessageDigest.getInstance("MD5", "Distrinet") ; } catch(Exception e){ e.printStackTrace() ; System.exit(1) ; } digest.update(args[0].getBytes()) ; System.out.println("Input : " + formatBin2Hex(args[0].getBytes(), 16, 2) +"\n" ) ; System.out.println("Digest : " + formatBin2Hex(digest.digest(), 16, 2) +"\n" ) ; int m = ( n % s1 ); for ( int i = m ; i < s1 ; i++ ) { if ( ( i % s2 ) == 0 ) result += " "; result += " "; ascii += " "; } if ( m > 0 ) { result += " [" + ascii + "]\r\n"; } return result; } private static String _hexmap = " abcdef"; private static String _int2hex ( long i, int n ) { String result = ""; for ( int j = 0 ; j < n ; j++ ) { int m = (int)(i & (long)0xf); } public class MD5Test { public static void main(String[] args){ MessageDigest digest = null ; Security.addProvider(new DistriNet()) ; try{ digest = MessageDigest.getInstance("MD5 }tch(Exception e){ e.printStackTrace() ; System.exit(1) ; } digest.update(args[0].getBytes()) ; System.out.println("Input : " + digest.update(args[0].getBytes()) ; System.out.println("Input : " + digest.update(args[0].getBytes()) ; System.out.println("Input : " + formatBin2Hex(args[0].getBytes(), 16 System.out.println("Digest : " formatBin2Hex(digest.digest(), 1formatBin2Hex(digest.digest(), 16 formatBin2Hex(digest.digest(), 16 int m = ( n % s1 ); } Security is Pervasive (ctd.) Application-level security is crosscutting in structure Security Attributes SubjectObject Security Attributes Role ID Non-Security Attributes Age Time Non-Security Attributes Location Action ID Domain

SoBeNeT - DistriNet status reportBart De Win 9 Security is Evolving Security of a system is often implemented once and for all Unanticipated risks and changes –Threat analysis incomplete –Change in environment System Security policy (company, law, …)

SoBeNeT - DistriNet status reportBart De Win 10 Our research Optimization of the modularization of application-level security using Aspect-Oriented Software Development Rationale Address identified problems (pervasiveness, evolution) Applicability claimed [Filman98, Devanbu00, Suvee03, …] Challenges Security binding Complex requirements Flexibility and reuse /** Current 64 byte block to process */ private byte[] currentBlock = new byte[64] ; /** Constructor. */ public MD5(){ super("MD5") ; engineReset() ; } // *********************** // JCA JAVA ENGINE METHODS // *********************** /** Method to reset the MD5 engine. digest = MessageDigest.getInstance("MD5", "Distrinet") ; } catch(Exception e){ */ public void engineReset(){ count = 0 ; } /** Method to calculate the digest of the current message. *After calculation, the engine is reset. returns the message digest in a bytearray. */ public byte[] engineDigest(){ //calculate correct number of bits in total message digest = MessageDigest.getInstance("MD5", "Distrinet") ; } catch(Exception e){ long origMsgCount = count << 3 ; //append padding bits engineUpdate((byte)128) ; // append byte " " while (((int)(count & 63)) != 56){ engineUpdate((byte)0) ; //append byte 0 until 56 mod 64 } public class MD5Test { public static void main(String[] args){ MessageDigest digest = null ; Security.addProvider(new DistriNet()) ; try{ digest = MessageDigest.getInstance("MD5", "Distrinet") ; } digest = MessageDigest.getInstance("MD5", "Distrinet") ; } catch(Exception e){ digest = MessageDigest.getInstance("MD5", "Distrinet") ; } Security Attributes SubjectObject Security Attributes Role ID Non-Security Attributes Age Time Non-Security Attributes Location Action ID Domain Security Binding

SoBeNeT - DistriNet status reportBart De Win 11 Two approaches Interception-based AOSD –Intercept application execution events and execute extra behavior on these events –Application modules are not modified Weaving-based AOSD –Language-based approach –Application modules are modified

SoBeNeT - DistriNet status reportBart De Win 12 Basic Access Control in AspectJ Aspect Authorization { pointcut checkedMethods(): execution(* Account.withdraw(..)) ; Object around() throws Exception: checkedMethods() { Subject subj = null ; try { subj = ; boolean allowed = ; if (allowed) {return proceed ; } else {throw new AccessControlException(“Access denied”) ; } } catch(RuntimeException e){…} } Security mechanism Security binding

SoBeNeT - DistriNet status reportBart De Win 13 Evaluation InterceptionWeavingTraditional OO paradigm- 00 abstraction0+ initialization+ - + input/output0++ dependencies0++ interaction0+ state- 0+ superimposition+ +- adaptation- - intrusiveness0+ - merging0-- ordering- 0- distribution good support + 0 basic support no support

SoBeNeT - DistriNet status reportBart De Win 14 Impact on Security

SoBeNeT - DistriNet status reportBart De Win 15 Secure Software Development Process

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.