Aspect-Oriented Programming and Security
Rohit Sethi

Aspect-oriented programming (AOP) is a paradigm that is quickly gaining traction in the development world. At least partially spurred by the popularity of the Java Spring framework [1], people are beginning to understand the substantial benefits that AOP brings to development. While several others have tied AOP to security [2][3], I aspire to raise awareness amongst my information security colleagues that AOP can have a substantially beneficial impact on application security. I'm convinced that, if more of us understand it, we'll be in a better place to work with developers to create secure applications and, perhaps more importantly, to add security to existing insecure applications.

Aspect-Oriented Programming and Security 2007-10-22
marcschoenefeld (1 replies)
Re: Aspect-Oriented Programming and Security 2007-10-24
rksethi
It is true that many of the benefits of AOP can be built into a new design with simple OOP concepts. I've seen organizations implement their own "Interceptable" OO-style interface, and it can get quite bulky and hard to manage. Moreover, changing joinpoints is difficult and often ends up complicating rather than simplifying application design. It is also true that other technologies can be used for the "catch and filter" pattern employed by AOP, but most of these have limitations. Servlet filters, for instance, work well on the presentation tier but do not address shortcomings in middle tier logic.

Moreover, I don't think we're necessarily missing techniques on how to build NEW applications securely. The biggest security benefit of AOP that I can see is that it can be used to plug holes in existing applications, and the reality is that most developers are not working with net new applications.


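The "catch and filter" pattern the reply describes, applied to an existing middle-tier service with Spring AOP, as an added example that is not part of the article or the comments: an aspect intercepts every public method of a hypothetical `AccountService` that takes a String argument and rejects input outside an allow-list, so the check is added to the middle tier without editing the service's own code. The package, `AccountService`, `InputFilterAspect`, `AppConfig` and `Demo` are assumptions, and the example assumes spring-context and aspectjweaver on the classpath.

```java
package com.example.aop;

import java.util.regex.Pattern;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.context.annotation.*;
import org.springframework.stereotype.Component;

// Existing middle-tier service (hypothetical). It does no validation of its own.
@Component
class AccountService {
    public String lookup(String accountId) {
        return "balance for " + accountId; // stands in for a data-access call
    }
}

// The "catch and filter" layer: advises every public method of AccountService whose
// first argument is a String, so the check reaches the middle tier without editing it.
@Aspect
@Component
class InputFilterAspect {
    private static final Pattern ALLOWED = Pattern.compile("[A-Za-z0-9_-]{1,32}");
    @Around(value = "execution(public * com.example.aop.AccountService.*(..)) && args(input,..)",
            argNames = "input")
    public Object filter(ProceedingJoinPoint pjp, String input) throws Throwable {
        if (input == null || !ALLOWED.matcher(input).matches()) {
            // Reject at the joinpoint: the target method never runs.
            throw new IllegalArgumentException(
                "rejected input at " + pjp.getSignature().toShortString());
        }
        return pjp.proceed(); // allow-listed input: run the original method
    }
}

@Configuration
@EnableAspectJAutoProxy
@ComponentScan("com.example.aop")
class AppConfig { }

public class Demo {
    public static void main(String[] args) {
        try (AnnotationConfigApplicationContext ctx = new AnnotationConfigApplicationContext(AppConfig.class)) {
            AccountService svc = ctx.getBean(AccountService.class);
            System.out.println(svc.lookup("acct-42"));       // passes the filter
            try { svc.lookup("acct-42' OR 1=1"); }           // caught by the aspect
            catch (IllegalArgumentException e) { System.out.println(e.getMessage()); }
        }
    }
}
```

Because Spring AOP proxies the bean, only calls that arrive through the container-managed proxy are filtered; a method calling another on the same object bypasses the aspect, which is the main caveat when retrofitting checks this way.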
Security and VPN's 2007-11-26
Lex Dean
Copyright 2007, SecurityFocus