Software Investigate

A Practical Framework for the Dataflow Pointcut in AspectJ

Download now Free registration required

Executive Summary

In this paper, the authors present the design and the implementation of the dataflow pointcut in AspectJ compiler ajc 1.5.0. Some security concerns are sensitive to flow of information in a program execution. The dataflow pointcut has been proposed by Masuhara and Kawauchi in order to easily implement such security concerns in aspect-oriented programming languages. The pointcut identifies join points based on the origins of values. The dataflow pointcut can detect and fix a lot of vulnerabilities that result from not validating input effectively, e.g., web application vulnerabilities, process injection, log forging, and path injection. AspectJ extends the Java programming language to implement crosscutting concerns modularly in general.

  • Format: PDF
  • Size: 242.91 KB