skip to main content
10.1145/3018896.3065828acmotherconferencesArticle/Chapter ViewAbstractPublication PagesiccConference Proceedingsconference-collections
research-article

Using aspect oriented programming to enforce privacy preserving communication in distributed systems

Published: 22 March 2017 Publication History

Abstract

Unauthorized access to personal information represents one of the most important challenges faced by network application developers. The privacy-preserving concept has arisen from the usage of database resources, which sometimes leads to the sharing of personal identifying information (PII). Adding or updating privacy and security concerns in system applications represents a difficult task for system developers because they need to track all program code to detect where privacy and security methods should be inserted. At the same time, they have to define which piece of code needs to be applied for different privacy and security policies. All of these concerns accumulate in the problem of scattering and tangling of system software. A widely-suggested but under-used solution to these problems is that of Aspect Oriented Programming (AOP). This paper proposes a new system for enforcing privacy-preserving concepts in order to ensure safe communication between distributed system nodes through the use of AOP. The idea based on the use of a smart server node called a judgment node (JN) to deal with data forwarding between the distributed system's nodes. Cryptographic algorithms are adopted in this work as a tool controlled by the JN to ensure the integrity of the transmitted data. We will present a novel approach which divides the data into portions with each part encrypted depending on the key of the authorized node used to process it. We use AOP characteristics for dealing with all of these concerns through the addition and removal of code dynamically to ensure a high level of performance. We use AOP as a core tool to modularize the privacy and security concerns, and to increase the clarity, maintainability and reusability of system software.

References

[1]
S. Betgé-brezetz, G. Kamga, M. Dupont, and A. Guesmi, "End-to-End Privacy Policy Enforcement in Cloud Infrastructure," Cloud Netw. (CloudNet), 2013 IEEE 2nd Int. Conf., pp. 25--32, 2013.
[2]
L. Zheng and S. Chong, "Using replication and partitioning to build secure distributed systems," in SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy, 2003, pp. 236--250.
[3]
A. Srinivasulu, C. Subbarao, and A. Bhudevi, "Dynamic Data Storage Publishing and Forwarding in Cloud Using Fusion Security Algorithms," Comput. Sci. Inf. Technol. Vol. 2(4), pp. 203 -- 210 vol. 2, no. 4, pp. 203--210, 2014
[4]
M.-E. Wu, S.-Y. Chang, C.-J. Lu, and H.-M. Sun, "A communication-efficient private matching scheme in Client-Server model," Inf. Sci. (Ny)., vol. 275, pp. 348--359, 2014.
[5]
Y. Zhao, M. Du, J. Le, and Y. Luo, "A survey on privacy preserving approaches in data publishing," Proc. - 2009 1st Int. Work. Database Technol. Appl. DBTA 2009, vol. 2, no. 1, pp. 128--131, 2009.
[6]
S. T. F. Al-janabi and N. A. Ali, "Hiding Sensitive Frequent Itemsets over Privacy Preserving Distributed Data Mining," Fifth Sci. Conf. Inf. Technol. 2012 Dec. 19-20, vol. 10, no. 1, pp. 91--105, 2013.
[7]
H. Perl, Y. Mohammed, M. Brenner, and M. Smith, "Privacy/performance trade-off in private search on bio-medical data," Futur. Gener. Comput. Syst., vol. 36, pp. 441--452, 2013.
[8]
R. Chaudhary and R. Chatterjee, "Reusability in AOSD - The Aptness, Assessment and Analysis," Optim. Reliab. Inf. Technol. (ICROIT), 2014 Int. Conf., no. c, pp. 34--39, 2014.
[9]
N. Sharma, U. Batra, and S. Mukherjee, "Enhancing Security in Service Oriented Architecture driven EAI using Aspect Oriented Programming in healthcare IT," Int. J. Sci. Eng. Res. - IJSER, vol. 5, no. 3, pp. 50--53, 2014.
[10]
R. Toledo and É. Tanter, "Secure and modular access control with aspects," in Proceedings of the 12th annual international conference on Aspect-oriented software development - AOSD '13, 2013, p. 157.
[11]
C. K. Chang and T. Kim, "Distributed Systems Design using Function-Class Decomposition with Aspects," 10th IEEE Int. Work. Futur. Trends Distrib. Comput. Syst., pp. 148--153, 2004.
[12]
A. Zambrano, S. Gordillo, and J. Fabry, "a Fine Grained Aspect Coordination Mechanism," Int. J. Softw. Eng. Knowl. Eng., vol. 20, no. 07, pp. 1025--1042, 2010.
[13]
Y. EL-Manzalawy, "Aspect Oriented Programming." 2004.
[14]
D. Fletcher and F. Akkawi, "From research to operations: integrating components with an aspect-oriented framework and ontology," Aerosp. ..., pp. 3064--3078, 2004.
[15]
S. Kotrappa and P. J. Kulkarni, "Multilevel Security Using Aspect Oriented Programming AspectJ," 2010 Int. Conf. Adv. Recent Technol. Commun. Comput., pp. 369--373, Oct. 2010.
[16]
S. Koirala, "An introduction to Aspect Oriented Programming in .NET.," 2014. http://www.codeproiect.com/Articles/11385/Aspect-Oriented-Programming-in-NET.
[17]
M. Garc a, D. Llewellyn-Jones, F. Ortin, and M. Merabti, "Applying dynamic separation of aspects to distributed systems security: a case study," IET Softw., vol. 6, no. 3, p. 231, 2012.
[18]
R. Laddad, "I want my AOP! ", Part1," Jan 18 2002. http://www.javaworld.com/article/2073918/core-java/i-want-my-aop---part-1.html
[19]
K. Chen and D. Wang, "AN ASPECT-ORIENTED APPROACH TO PRIVACY-AWARE ACCESS CONTROL," Mach. Learn. Cybern. 2007 Int. Conf., vol. 5, no. August, pp. 3016--3021, 2007.
[20]
T. Scheffler, S. Schindler, and B. Schnor, "Enforcing Location Privacy Policies through an AOP-based Reference Monitor," Internet Secur. (WorldCIS), 2012 World Congr., pp. 51--56, 2012.
[21]
A. Mourad, S. Ayoubi, and H. Yahyaoui, "New approach for the dynamic enforcement of Web services security," Secur. Trust, pp. 189--196, 2010.
[22]
G. Hermosillo, R. Gomez, L. Seinturier, and L. Duchien, "AProSec: An aspect for programming secure web applications," Proc. - Second Int. Conf. Availability, Reliab. Secur. ARES 2007, pp. 1026--1033, 2007.
[23]
L. K. E. Mece, "Towards full protection of web application based on Aspect Oriented Programming," Double Blind Peer Rev. Int. Res. J., vol. 12, no. 1, 2012.
[24]
P. Yu, J. Sendor, G. Serme, and A. S. De Oliveira, "Automating privacy enforcement in cloud platforms," Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 7731 LNCS, pp. 160--173, 2013.
[25]
C. Vanden Berghe and M. Schunter, "Privacy injector - Automated privacy enforcement through aspects," Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 4258 LNCS, pp. 99--117, 2006.
[26]
A. Albreshne, P. Fuhrer, and J. Pasquier, "Web Services Orchestration and Composition," Hewlett-Packard's Dev. Resour. Organ., pp. 46--52, 2003.

Cited By

View all
  • (2019)A Systematic Mapping Study of Cloud Policy Languages and Programming ModelsJournal of King Saud University - Computer and Information Sciences10.1016/j.jksuci.2019.05.003Online publication date: May-2019

Index Terms

  1. Using aspect oriented programming to enforce privacy preserving communication in distributed systems

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    ICC '17: Proceedings of the Second International Conference on Internet of things, Data and Cloud Computing
    March 2017
    1349 pages
    ISBN:9781450347747
    DOI:10.1145/3018896
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 22 March 2017

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. aspect-oriented programming
    2. aspectJ
    3. distributed systems
    4. privacy-preservation

    Qualifiers

    • Research-article

    Conference

    ICC '17

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)2
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 14 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2019)A Systematic Mapping Study of Cloud Policy Languages and Programming ModelsJournal of King Saud University - Computer and Information Sciences10.1016/j.jksuci.2019.05.003Online publication date: May-2019

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media