Software Security Contract Based Runtime Monitor Using AOP

Posted on: 2012-03-16
Degree: Master
Type: Thesis
Country: China
Candidate: Y Di
Full Text: PDF
GTID: 2178330332999579
Subject: Computer software and theory
Abstract/Summary:
In today's networked world, software is ubiquitous. With a growing number of business services running on open networks and distributed platforms, software security issues have become critical. Software with potential vulnerabilities brings serious risk: malicious attacks lead to denial of service, financial damage and leaking of confidential information. Software security assurance has become an important academic subject for improving software security. Firewalls, intrusion detection systems, anti-virus engines, password protection, encryption algorithms and so on are the software security assurance methods currently in use. Their common feature is that they are provided by third parties. Classic software therefore has no ability to defend itself against attacks, which adds overhead. In this article we introduce software security assurance that defends against attacks actively.

A security contract is a software security requirement obtained during the requirements phase, starting from the requirements document, and it is the core of formal verification, security testing, safe operation and so on. The main contribution of this article is how to define the security contract for the implementation phase and achieve run-time monitoring, specifically including the following points.

Firstly, we introduce a software development framework based on security contracts. In each phase of the software development cycle (requirements, design, coding, testing, maintenance and so on) we add security concerns and give ways to deal with them, which improves on the traditional software development cycle. This article focuses on how security contracts are implemented in software at run time.

The first scenario is contract creation and management. A security contract can be written by anyone, but in practice it can be expected that only a few people will actually write contracts. It can be anticipated that large companies or users will have contracts written centrally by their technical staff. Contract writers can use the Contract Manager tool to write and edit a contract, to prepare it for deployment, and to deploy it to software. The Contract Manager sends the contract and its representations to the Persistent Contract Store. This store is a container for all the contracts that have been deployed. Contracts are saved on secure data storage and can only be read by the Persistent Contract Store manager.

The second scenario zooms in on the deployment and loading of a security contract. Deployment means turning the contract text into the different forms used in software development based on security contracts. We turn the contract into monitor code using technique. When the system Loader receives a request to execute software, it sends the application to the Deployer, which inserts monitor code into the source code.

Finally, the third scenario explains how execution monitoring works. The run-time enforcement scenario only comes into play when the software has been inlined. Run-time enforcement takes the approach, which lets applications execute without first formally proving (using either a mathematical proof or a trust-based proof) that they will not violate the system contract. System-by-contract software is a container with monitor code, which enforces and implements the security contract while the software is running.

Secondly, we define an AOP-Based Security Contract Language (ASCL) as a tool to describe security contracts, and define its syntax and lexical rules. Several basic concepts are redefined in ASCL:

Contract: the most basic concept in a security contract, composed of a contract name, a monitor object and the monitor content. A contract of a piece of software is an abstraction of a security event.
Contract collection: a finite set of events. A contract collection includes at least two items: the contract sum and a description of each event. This article gives two contract collections: the data contract collection and the operation contract collection.
Security-Related Events (SREs): used to record the event value and parameter information.
Monitor object: the key events that take place while the program runs, such as method calls, field access, field changes, object initialization and so on. These events are called join points.
Monitor condition: a rule that the monitor object should satisfy.
Monitor action: the defined functions that are executed after the monitor condition is matched.

Introducing these basic concepts formalizes the security contract into a system. For instance, for the convenience of users, they are allowed to define set-form variable rules and monitor objects in Java code.

Finally, we study the execution of security contracts: the contract acquired in the requirements phase is turned into a contract that can be enforced while the software is running, and is deployed into the functional code using AOP. We do our best to reduce coupling between functional code and monitor code, so that monitoring has no side effects and is more extensible. Software consists of core concerns and cross-cutting concerns, and security is a cross-cutting concern of the system. AOP is difficult for software developers, so generating monitor code automatically is convenient for them. Based on current security problems, we create monitor templates, so that similar security problems do not each need a newly written security contract, which reduces developers' workload. We achieve automatic generation of monitor code and deployment of security contracts.

In all, we first discussed the software development life cycle framework based on security contracts. For security contract formulation, which from the developer's point of view is the most essential part of the framework, we have defined ASCL. ASCL makes the definition of security contracts more systematic; it not only simplifies the description of security policy but also enhances descriptive power. When the security contract is put into execution, the monitor aspect code is called at the monitor point using AOP. Finally, we give a tool that supports this method: it uses ASCL to compose security contracts, creates and manages the contract database, and turns contracts into monitor code automatically using technique. On the Eclipse platform, monitor aspect code can be woven into functional code, so that the monitoring technique and the security policy formulation correspond to each other, and both tend toward completeness.
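As an added illustration (not code from the thesis, and not ASCL, whose syntax the abstract does not show), the AspectJ sketch below writes by hand the kind of monitor aspect the abstract describes: a join point as the monitor object, a condition checked on the call's parameters, and an action taken on violation, all kept out of the functional class. The names Account, ContractViolation, NoOverdrawMonitor and the "NoOverdraw" contract are hypothetical.

```java
// ContractDemo.java -- compile and weave with the AspectJ compiler (ajc).
// All names here are hypothetical; none come from the thesis or from ASCL.

class Account {                               // functional (core-concern) code
    private long balance;
    Account(long opening) { balance = opening; }
    long getBalance() { return balance; }
    void withdraw(long amount) { balance -= amount; }   // no security logic here
}

class ContractViolation extends SecurityException {
    ContractViolation(String contract, String detail) {
        super("contract " + contract + " violated: " + detail);
    }
}

// Monitor code, kept apart from Account and woven in at the join point.
aspect NoOverdrawMonitor {
    // Monitor object: the join point "call to Account.withdraw(long)".
    pointcut withdrawal(Account acct, long amount):
        call(void Account.withdraw(long)) && target(acct) && args(amount);

    // Monitor condition and monitor action, evaluated before the call proceeds.
    before(Account acct, long amount): withdrawal(acct, amount) {
        // Security-related event: the parameter values seen at the join point.
        if (amount <= 0 || amount > acct.getBalance()) {
            throw new ContractViolation("NoOverdraw",
                "amount=" + amount + ", balance=" + acct.getBalance());
        }
    }
}

public class ContractDemo {
    public static void main(String[] args) {
        Account acct = new Account(100);
        acct.withdraw(40);                            // satisfies the contract
        System.out.println("balance after allowed call: " + acct.getBalance());
        try {
            acct.withdraw(500);                       // constructed violating input
        } catch (ContractViolation e) {
            System.out.println("blocked: " + e.getMessage());
            System.out.println("balance unchanged: " + acct.getBalance());
        }
    }
}
```

Because the advice runs before the call, the violating withdrawal never reaches Account.withdraw, so the functional code stays free of checks and the contract can be changed by reweaving a different aspect.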
Keywords/Search Tags: Software security assurance, Security contract, AOP, Monitor