The project starts from the observation that many high-quality security building blocks, such as authentication technologies, authorization engines or data protection protocols, are widely available. These building blocks are an essential but not sufficient enabler for building secure distributed software: most of the vulnerabilities in software systems are not directly related to these (traditional) security-specific components.
The SEC SODA project addresses complementary facets of distributed software development that have a substantial impact on the global security of the software product.
More specifically, the project consists of research activities to:
1) support the systematic development of security-aware software architectures in which security properties can be accommodated, as well as verified for their effectiveness;
2) enable the trustworthy deployment of secure software via techniques of self-protecting code, encrypted execution and remote attestation;
3) enhance the implementation experience for developers of secure software by providing programming models that provably guarantee the absence of particular security problems, as well as by improving the integration of specialized security measures into a security-unaware, or even untrusted, software artefact.
The latter activity includes the application of aspect-oriented programming (AOP) and aspect-oriented software development (AOSD) to impose security measures on business logic, but also the protection of aspects and components from negative interference by untrusted components and aspects. This work has led to the creation of an aspect permission system that increases the security level of software that is subject to composition with third-party aspects. This topic is a potential avenue of collaboration with PhD students who prefer to work on AOSD.