Adding secure communication mechanism to existing distributed applications by means of AOP

Abstract

The object-oriented programming paradigm is a process of implementing a program by means of 'Objects' into which separate concerns are grouped. However, it does not map some types of concerns such as security, logging and exception handling, which should be implemented in each object separately. As most of the security goals, reliable communication is a non-functional requirement in a distributed system development process, and it typically crosscuts many objects in the distributed architecture. Program codes to realize this secure communication goal is generally spread in different code places throughout the application. Aspect-oriented programming (AOP) is a new programming paradigm that improves program modularity by enabling the separation of concerns from the main logic of the application. For example, in the context of security, developers should not need to encode security logic in the main program; instead, it can be grouped into a separate and independent unit, called as aspects. This paper presents a case study to illustrate how aspect oriented approach can be used to resolve the scattered and tangled concerns, like secure communication, in a previously developed distributed system in which objects communicate with each other via Java RMI. As a java-based aspect oriented tool, AspectJ is used to encapsulate the security related crosscutting concerns like communication. Performance evaluations are tested for adding security aspect to a distributed application. As a result, usage of aspects is a good choice for enhancing system to achieve high cohesion and low coupling, which are one of the main the software engineering requirements. It also enhances the readability of the system and makes system easier to maintain. © 2013 Springer Science+Business Media.