AspectKE: Security Aspects With Program Analysis for Distributed Systems

Enforcing security policies to distributed systems is difficult, in particular, when a system contains untrusted components. The authors designed AspectKE, a distributed AOP language based on a tuple space, to tackle this issue. In AspectKE, aspects can enforce access control policies that depend on future behavior of running processes. One of the key language features is the predicates and functions that extract results of static program analysis, which are useful for defining security aspects that have to know about future behavior of a program.