Le Traon, Yves[University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
2013 International Conference on Availability, Reliability and Security
Availability, Reliability and Security (ARES), 2013 Eighth International Conference on
from 2-03-2013 to 6-03-2013
[en] Security of Java-based applications is crucial to many businesses today. In this paper, we propose an approach to completely automate the generation of a security architecture inside of a target Java application where advanced security policies can be enforced. Our approach combines the use of Aspect-Oriented Programming with the Policy Enforcement Point (PEP) - Policy Decision Point (PDP) paradigm and allows the runtime update of policies.