Monitoring Components by Using Aspects and Contracts in Wrappers
Loading...
Authors
Yang, Xiaofeng
Date
2011-01-05T16:27:35Z
Type
thesis
Language
eng
Keyword
Wrappers , Contracts , Aspects , Components
Alternative Title
Abstract
The re-usability and modularity of components reduce the cost and complexity of the software design. It is difficult to predict run-time scenarios covering all possible circumstances to ensure that the components are full compatible with the system. Monitoring run-time behaviours of components presents a close view of the component qualities. The existing monitoring approaches either implement applications with built-in monitoring features, or observe the external resource and events to predict the status of the components. In this thesis work, we propose an approach to monitor the run-time behaviours of components with aspect-oriented wrappers and contracts.
We design monitoring wrappers to encapsulate the monitored components. The wrapper has the access to interfaces and properties of the wrapped component. We adopt the methodology of Design by Contract to enforce security policies on component wrappers. The contracts define the mutual obligations of two interacting components. The policies implemented in contracts are woven into component wrappers as separate aspect modules. If the component contains any flaws, the wrappers can monitor the behaviours and prevent failures propagating into the wrapped components and the rest of the system. This approach assures that the system is running in a safe environment with the erroneous behaviours or failures detected appropriately. Secure access between the wrappers guarantees a secure environment for the wrapped components.
We conducted experiments on the run-time monitoring of SQL Injection and Cross Site Scripting attacks. We designed cross-cutting concerns such as logging for components to illustrate monitoring components without
touching the underlying components. Monitoring on access control is also possible and feasible to add as an additional concern and is also demonstrated in the experiments. The results show that the framework is very flexible to impose separate policies as aspects on component wrappers without the modifications of the underlying components.
Description
Thesis (Master, Computing) -- Queen's University, 2011-01-02 20:43:16.884
Citation
Publisher
License
This publication is made available by the authority of the copyright owner solely for the purpose of private study and research and may not be copied or reproduced except as permitted by the copyright laws without written authority from the copyright owner.