A High-Level Aspect-Oriented Based Language for Software Security Hardening

In this paper, the authors propose an aspect-oriented language, called SHL (Security Hardening Language), for specifying systematically the security hardening solutions. This language constitutes their new achievement towards developing their security hardening framework. SHL allows the description and specification of security hardening plans and patterns that are used to harden systematically security into the code. It is a minimalist language built on top of the current aspect-oriented technologies that are based on advice-poincut model and can also be used in conjunction with them. The primary contribution of this approach is providing the security architects with the capabilities to perform security hardening of software by applying well-defined solution and without the need to have expertise in the security solution domain.