research-article

Features and object capabilities: reconciling two visions of modularity

Authors:
Salman Saghafi

WPI, Worcester, MA, USA

WPI, Worcester, MA, USA
View Profile

,
Kathi Fisler

WPI, Worcester, MA, USA

WPI, Worcester, MA, USA
View Profile

,
Shriram Krishnamurthi

Brown University, Providence, RI, USA

Brown University, Providence, RI, USA
View Profile

AOSD '12: Proceedings of the 11th annual international conference on Aspect-oriented Software DevelopmentMarch 2012Pages 25–34https://doi.org/10.1145/2162049.2162053

Published:25 March 2012Publication History

AOSD '12: Proceedings of the 11th annual international conference on Aspect-oriented Software Development

Pages 25–34

ABSTRACT

The prevalence of threats and attacks in modern systems demands programming techniques that help developers maintain security and privacy. In particular, frameworks for composing components written by multiple parties must enable the authors of each component to erect safeguards against intrusion by other components. Object-capability systems have been particularly prominent for enabling encapsulation in such contexts.

We describe the program structures dictated by object capabilities and compare these against those that ensue from feature-oriented programming. We argue that the scalability offered by the latter appears to clash with the precision of authority designation demanded by the former. In addition to presenting this position from first principles, we illustrate it with a case study. We then offer a vision of how this conflict might be reconciled, and discuss some of the issues that need to be considered in bridging this mismatch. Our findings suggest a significant avenue for research at the intersection of software engineering and security.

References

Aldrich, J. 2004. Open modules: Modular reasoning in aspect-oriented programming. In Foundations of Aspect-Oriented Languages. 7--18.Google Scholar
Apel, S., Kastner, C., and Lengauer, C. 2009. Featurehouse: Language-independent, automated software composition. In Proceedings of the 31st International Conference on Software Engineering. ICSE '09. IEEE Computer Society, Washington, DC, USA, 221--231. Google ScholarDigital Library
Apel, S., Kolesnikov, S., Liebig, J., Kastner, C., Kuhlemann, M., and Leich, T. 2010. Access control in feature-oriented programming. Science of Computer Programming. Google ScholarDigital Library
Batory, D. 2004. Feature-oriented programming and the AHEAD tool suite. In International Conference on Software Engineering. 702--703. Google ScholarDigital Library
Batory, D. S., Sarvela, J. N., and Rauschmayer, A. 2004. Scaling step-wise refinement. IEEE Transactions on Software Engineering 30, 6, 355--371. Google ScholarDigital Library
Findler, R. B. and Flatt, M. 1998. Modular object-oriented programming with units and mixins. In ACM SIGPLAN International Conference on Functional Programming. 94--104. Google ScholarDigital Library
Hardy, N. 1988. The confused deputy (or why capabilities might have been invented). ACM SIGOPS Operating Systems Review 22. Google ScholarDigital Library
Kastner, C., Apel, S., and Ostermann, K. 2011. The road to feature modularity? In Proceedings of the International Workshop on Feature-Oriented Software Development (FOSD). Google ScholarDigital Library
Kastner, C., Apel, S., Thüm, T., and Saake, G. 2011. Type checking annotation-based product lines. ACM Transactions on Software Engineering and Methodology (TOSEM). Google ScholarDigital Library
Kiczales, G., Hilsdale, E., Hugunin, J., Kersten, M., Palm, J., and Griswold, W. 2001. An overview of AspectJ. In European Conference on Object-Oriented Programming. 327--353. Google ScholarDigital Library
Kiczales, G., Lamping, J., Mendhekar, A., Maeda, C., Lopes, C. V., Loingtier, J.-M., and Irwin, J. 1997. Aspect-oriented programming. In European Conference on Object-Oriented Programming. 220--242.Google Scholar
Kiczales, G. and Mezini, M. 2005. Aspect-oriented programming and modular reasoning. In International Conference on Software Engineering. 49--58. Google ScholarDigital Library
Krishnamurthi, S. and Fisler, K. 2007. Foundations of incremental aspect model-checking. ACM Transactions on Software Engineering and Methodology 16, 2. Google ScholarDigital Library
Levy, H. M. 1984. Capability-Based Computer Systems. Digital Equipment Corporation. Google ScholarDigital Library
Mettler, A., Wagner, D., and Close, T. 2010. Joe-E: A security-oriented subset of Java. In Network and Distributed System Security Symposium.Google Scholar
Miller, M., Yee, K.-P., and Shapiro, J. Capability myths demolished. Available online at http://srl.cs.jhu.edu/pubs/SRL2003-02.pdf. Last accessed Sept 23, 2011.Google Scholar
Miller, M. S. 2006. Robust composition: Towards a unified approach to access control and concurrency control. Ph.D. thesis, Johns Hopkins University. Google ScholarDigital Library
Parnas, D. L. 1972. On the criteria to be used in decomposing systems into modules. Communications of the ACM 15, 12, 1053--1058. Google ScholarDigital Library
Politz, J. G., Eliopoulos, S. A., Guha, A., and Krishnamurthi, S. 2011. ADsafety: Type-based verification of JavaScript sandboxing. In USENIX Security Symposium. Google ScholarDigital Library
Prehofer, C. 1997. Feature-oriented programming: A fresh look at objects. In ECOOP'97--Object-Oriented Programming, 11th European Conference, M. Aksit and S. Matsuoka, Eds. Vol. 1241. Springer, Jyvaskyla, Finland, 419--443.Google ScholarCross Ref
Saltzer, J. H. 1974. Protection and the control of information sharing in Multics. Communications of the ACM 17, 7. Google ScholarDigital Library

Index Terms

Features and object capabilities: reconciling two visions of modularity
1. Software and its engineering
  1. Software notations and tools
    1. General programming languages
      1. Language features
        Modules / packages

Recommendations

Object capabilities for security
PLAS '06: Proceedings of the 2006 workshop on Programming languages and analysis for security

Existing systems often do a poor job of meeting the principle of least privilege. I will discuss how object capability systems and language-based methods can help address this shortcoming. In language-based object capability systems, an object reference ...
Read More
Object-oriented design in feature-oriented programming
FOSD '12: Proceedings of the 4th International Workshop on Feature-Oriented Software Development

Object-oriented programming is the state-of-the-art programming paradigm for developing large and complex software systems. To support the development of maintainable and evolvable code, a developer can rely on different mechanisms and concepts such as ...
Read More
Canada's cyber warfare capabilities
CERIAS '13: Proceedings of the 14th Annual Information Security Symposium

This paper discusses Canada and its ability to wage cyber warfare. Several definitions of cyber warfare are presented and discussed, as well as the motives and potential actors behind a cyber attack. Several definitions of cyberspace are also discussed ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
AOSD '12: Proceedings of the 11th annual international conference on Aspect-oriented Software Development
March 2012
286 pages
ISBN:9781450310925
DOI:10.1145/2162049
Conference Chair:
Michael Haupt
Oracle Labs, Potsdam, Germany
,
General Chair:
Robert Hirschfeld
Hasso-Plattner-Institut, University of Potsdam, Germany
,
Program Chairs:
Éric Tanter
Universidad de Chile, Chile
,
Kevin J. Sullivan
University of Virginia, USA
,
Richard P. Gabriel
IBM Research, USA
Copyright © 2012 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 25 March 2012
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
capability-oriented programming
feature-oriented programming
Qualifiers
- research-article
Conference

Acceptance Rates
AOSD '12 Paper Acceptance Rate20of79submissions,25%Overall Acceptance Rate41of139submissions,29%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 4
  Total Citations
  View Citations
- 201
  Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Features and object capabilities: reconciling two visions of modularity

AOSD '12: Proceedings of the 11th annual international conference on Aspect-oriented Software Development

ABSTRACT

References

Cited By

Index Terms

Recommendations

Object capabilities for security

Object-oriented design in feature-oriented programming

Canada's cyber warfare capabilities