Aspect-oriented programming (AOP) is a paradigm that is quickly gaining traction in the development world. At least partially spurred by the popularity of the Java Spring framework [1], people are beginning to understand the substantial benefits that AOP brings to development. While several others have tied AOP to security [2][3], I aspire to raise awareness amongst my information security colleagues that AOP can have a substantially beneficial impact on application security. I'm convinced that, if more of us understand it, we'll be in a better place to work with developers to create secure applications and perhaps, more importantly add security into existing insecure applications.
Expand all |
Post comment
The product requires a multitasking database supplied through a VPN to my software product of many users.
When I create a socket connection with my VPN server what sort of fire wall action am I vulnerable to and how should I protect my self.
To limit access to the database I can encrypt data that my software product can decode
And the data sent from my software product can have a second encryption method.
What other methods of security do I have available to me. I?m not going to be able to trace the locations of my software but my software will be registered with a registration method.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/infocus/1895/1019#1019