Aspect-Oriented Programming and Aspect.NET as Security and Privacy Tool for Web and 3D Web Programming

Aspect-Oriented Programming and Aspect.NET as Security and Privacy Tool for Web and 3D Web Programming

Vladimir O. Safonov (St. Petersburg University, Russia)
Copyright: © 2012 |Pages: 43
DOI: 10.4018/978-1-61350-323-2.ch809
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

This chapter covers the use of aspect-oriented programming (AOP) and Aspect.NET, an AOP toolkit for the .NET platform, to implement Web and 3D Web security and privacy. In this chapter the author shows that AOP is quite suitable as a trustworthy software development tool. AOP and Aspect.NET basics are overviewed using simple examples. Principles of applying Aspect.NET for Web and 3D Web security and privacy implementation are also discussed. The chapter presents a library of sample aspects implementing security and privacy for Web programming.
Chapter Preview
Top

Background

Every network environment is susceptible to risks, and wireless networks are not the exception. According to a survey by the Federal Bureau of Investigation of the United States, the only category of threats that shows a significant increase in number of attacks and/or possibility of misuse in the last few years is “wireless network abuse.” The broadcasting nature of these networks has turned them into perfect targets for nonauthorized users.

According to Arbaugh (2001), these problems are exacerbated by the myriad of free security-threatening tools widely available for download on the Internet and because of the inherent vulnerabilities of wireless networks themselves. One of the most exploited vulnerabilities is the WEP protocol (Fluhrer, Mantin, & Shamir, 2002; Peikari & Forgie, 2002), which is such a severe problem that many companies have decided to abandon the wireless business.

On the other hand, a good amount of the deployment strategies of wireless networks lack a cohesive and effective integration with the authentication services infrastructure of the organization in which they are implemented (Arbaugh & Shankar, 2002). This common mistake is easy to mitigate, and its correction is evident almost immediately by closing the gap between the number of authorized and unauthorized users. This is evident because authorized users are checked against a database with secure access methods inside the wired network.

In other cases, security problems go beyond the merely technological element (National Institute of Standards and Technology, 2007). Commonly, the lack of planning of the wireless network is a decisive coverage and placement factor. Other elements, such as security policies, access procedures, internal policies governing the use of and access to resources and guidelines governing confidentiality and protection of information serve as a complementary regulatory framework that provides support to the technological infrastructure, establishing limitations related to the way in which information is and/or should be used.

Complete Chapter List

Search this Book:
Reset