Geodesic
Implementation of security policies in programming information processing systems
Prikladnaâ diskretnaâ matematika, no. 3 (2011), pp. 55-64.

Voir la notice de l'article provenant de la source Math-Net.Ru

The problem of protecting information processing systems by implementing security policies in them is considered. The existing methods for solving this problem are analyzed, their disadvantages are noted, and the original method is proposed which avoids the noted disadvantages and is based on the aspect-oriented programming. In contrast to traditional aspect-oriented programming implementations, in the proposed method the security policy aspect is joined to the information processing system with the special integration module and without modification of either the information processing system or the security policy aspect that are written independently from each other and from the integration module. For the implementation of the method, the instrumental environment is created including the aspect-oriented programming language AspectTalk, the virtual machine and the translator from AspectTalk into the virtual machine language. The article contains the brief description of both the proposed method and the noted instrumental environment.
Keywords: information processing systems, security policy, aspect-oriented programming, AspectTalk, virtual machine. 
@article{PDM_2011_3_a3,
     author = {D. A. Stefantsov},
     title = {Implementation of security policies in programming information processing systems},
     journal = {Prikladna\^a diskretna\^a matematika},
     pages = {55--64},
     publisher = {mathdoc},
     number = {3},
     year = {2011},
     language = {ru},
     url = {http://geodesic.mathdoc.fr/item/PDM_2011_3_a3/}
}
TY  - JOUR
AU  - D. A. Stefantsov
TI  - Implementation of security policies in programming information processing systems
JO  - Prikladnaâ diskretnaâ matematika
PY  - 2011
SP  - 55
EP  - 64
IS  - 3
PB  - mathdoc
UR  - http://geodesic.mathdoc.fr/item/PDM_2011_3_a3/
LA  - ru
ID  - PDM_2011_3_a3
ER  - 
%0 Journal Article
%A D. A. Stefantsov
%T Implementation of security policies in programming information processing systems
%J Prikladnaâ diskretnaâ matematika
%D 2011
%P 55-64
%N 3
%I mathdoc
%U http://geodesic.mathdoc.fr/item/PDM_2011_3_a3/
%G ru
%F PDM_2011_3_a3
D. A. Stefantsov. Implementation of security policies in programming information processing systems. Prikladnaâ diskretnaâ matematika, no. 3 (2011), pp. 55-64. http://geodesic.mathdoc.fr/item/PDM_2011_3_a3/

[1] Bell D. E., LaPadula L. J., Secure computer system: Unified exposition and multics interpretation, Tech. Rep. ESD-TR-75-306, The MITRE Corporation, 1976

[2] Landwehr C. E., “Formal models for computer security”, ACM Comput. Surv., 13:3 (1981), 247–278 | DOI

[3] Devyanin P. N., Analiz bezopasnosti upravleniya dostupom i informatsionnymi potokami v kompyuternykh sistemakh, Radio i svyaz, M., 2006, 176 pp.

[4] DoD 5200.28-STD (Trusted Computer System Evaluation Criteria), National Computer Security Center, USA, 1985, 116 pp.

[5] Security-Enhanced Linux, , 2009 http://www.nsa.gov/research/selinux/index.shtml

[6] Technical Note TN2127, Kernel Authorization, , 2010 http://developer.apple.com/library/mac/technotes/tn2127/_index.html

[7] NetBSD Kernel Developer's Manual. KAUTH, , 2009 http://netbsd.gw.com/cgi-bin/man-cgi?kauth+9+NetBSD-current

[8] Implementing Jails Under the kauth Framework, , 2008 http://2008.asiabsdcon.org/papers/P3A-paper.pdf

[9] Elrad T., Filman R. E., Bader A., “Aspect-Oriented Programming”, Commun. ACM, 44:10 (2001), 29–32 | DOI

[10] Stefantsov D. A., “Realizatsiya politik bezopasnosti v kompyuternykh sistemakh s pomoschyu aspektno-orientirovannogo programmirovaniya”, Prikladnaya diskretnaya matematika, 2008, no. 1, 94–100

[11] Stefantsov D. A., “Tekhnologiya i instrumentalnaya sreda sozdaniya zaschischënnykh sistem obrabotki informatsii”, Prikladnaya diskretnaya matematika, 2009, Prilozhenie No 1, 55–56

[12] Bouraqadi N., Seriai A., Leblanc G., “Towards unified aspect-oriented programming”, ESUG 2005 Research Conference, Brussels, Belgium, 2005, 22 pp.

[13] Kiczales G., The Art of Meta-Object Protocol, The MIT Press, 1991, 345 pp.

[14] The AspectJ Project, , 2011 http://eclipse.org/aspectj

[15] Kiczales G., Hilsdale E., Hugunin J., et al., “Getting Started with AspectJ”, Commun. ACM, 44:10 (2001), 59–65 | DOI

[16] Diaz Pace J. A., Campo M. R., “Analyzing the Role of Aspects in Software Design”, Commun. ACM, 44:10 (2001), 67–73

[17] Lieberherr K., Orleans D., Ovlinger J., “Aspect-Oritnted Programming with Adaptive Methods”, Commun. ACM, 44:10 (2001), 39–41 | DOI

[18] Bergmans L., Aksit M., “Composing Crosscutting Concerns Using Composition Filters”, Commun. ACM, 44:10 (2001), 51–57 | DOI

[19] Goldberg A., Robson D., Smalltalk 80 – The Language and its implementation, v. 1, Addison-Wesley, 1983, 714 pp. | Zbl

[20] Akho A., Ulman Dzh., Seti R., Kompilyatory: printsipy, tekhnologii i instrumenty, Vilyams, M., 2003, 768 pp.

[21] Abelson Kh., Sassman Dzh., Struktura i interpretatsiya kompyuternykh programm, Dobrosvet, M., 2006, 608 pp.