Queen's University - Utility Bar

QSpace at Queen's University >
Graduate Theses, Dissertations and Projects >
Queen's Graduate Theses and Dissertations >

Please use this identifier to cite or link to this item: http://hdl.handle.net/1974/6262

Title: Monitoring Components by Using Aspects and Contracts in Wrappers
Authors: Yang, Xiaofeng

Files in This Item:

File Description SizeFormat
Yang_Xiaofeng_201101_Msc.pdf998.47 kBAdobe PDFView/Open
Keywords: Wrappers
Issue Date: 2011
Series/Report no.: Canadian theses
Abstract: The re-usability and modularity of components reduce the cost and complexity of the software design. It is difficult to predict run-time scenarios covering all possible circumstances to ensure that the components are full compatible with the system. Monitoring run-time behaviours of components presents a close view of the component qualities. The existing monitoring approaches either implement applications with built-in monitoring features, or observe the external resource and events to predict the status of the components. In this thesis work, we propose an approach to monitor the run-time behaviours of components with aspect-oriented wrappers and contracts. We design monitoring wrappers to encapsulate the monitored components. The wrapper has the access to interfaces and properties of the wrapped component. We adopt the methodology of Design by Contract to enforce security policies on component wrappers. The contracts define the mutual obligations of two interacting components. The policies implemented in contracts are woven into component wrappers as separate aspect modules. If the component contains any flaws, the wrappers can monitor the behaviours and prevent failures propagating into the wrapped components and the rest of the system. This approach assures that the system is running in a safe environment with the erroneous behaviours or failures detected appropriately. Secure access between the wrappers guarantees a secure environment for the wrapped components. We conducted experiments on the run-time monitoring of SQL Injection and Cross Site Scripting attacks. We designed cross-cutting concerns such as logging for components to illustrate monitoring components without touching the underlying components. Monitoring on access control is also possible and feasible to add as an additional concern and is also demonstrated in the experiments. The results show that the framework is very flexible to impose separate policies as aspects on component wrappers without the modifications of the underlying components.
Description: Thesis (Master, Computing) -- Queen's University, 2011-01-02 20:43:16.884
URI: http://hdl.handle.net/1974/6262
Appears in Collections:Queen's Graduate Theses and Dissertations
School of Computing Graduate Theses

Items in QSpace are protected by copyright, with all rights reserved, unless otherwise indicated.


  DSpace Software Copyright © 2002-2008  The DSpace Foundation - TOP