The Artima Developer Community
Sponsored Link

Java Buzz Forum
Microsoft could use AOP to help enforce their Security

0 replies on 1 page.

Welcome Guest
  Sign In

Go back to the topic listing  Back to Topic List Click to reply to this topic  Reply to this Topic Click to search messages in this forum  Search Forum Click for a threaded view of the topic  Threaded View   
Previous Topic   Next Topic
Flat View: This topic has 0 replies on 1 page
dion

Posts: 5028
Nickname: dion
Registered: Feb, 2003

Dion Almaer is the Editor-in-Chief for TheServerSide.com, and is an enterprise Java evangelist
Microsoft could use AOP to help enforce their Security Posted: Mar 22, 2005 3:53 PM
Reply to this message Reply

This post originated from an RSS feed registered with Java Buzz by dion.
Original Post: Microsoft could use AOP to help enforce their Security
Feed Title: techno.blog(Dion)
Feed URL: http://feeds.feedburner.com/dion
Feed Description: blogging about life the universe and everything tech
Latest Java Buzz Posts
Latest Java Buzz Posts by dion
Latest Posts From techno.blog(Dion)

Advertisement

Michael Howard is on a security team at Microsoft. He is the author of Writing Secure Code, and he spoke to us about the security scene at Microsoft.

The #1 agenda at MSFT used to be "app compat" (NOTE: There seems to be a sub-culture at MSFT that uses different terms :), but now security has taken over the top spot.

To enforce this, Michael and his team came up with a new software development process. He detailed this in front of us all.

I asked him about AOP, and he said that he hasn't thought about it.

To me, enforcing security policies is a perfect example of AOP. A lot of the AOP work that you can get into places, starts off with this style. You write some nice aspects which modularize your policy, and then developers aren't able to trip up.

This should be the same way in MSFT. If I develop something which doesn't meant the secure code guidelines, when I do a build, I should get a warning.

This is a much better idea than going through code at the end of the process.

Of course, these policies may not be able to 100% capture the cross-cutting security concern, but they can surely do some of it!

Come on Michael, take it to the next level ;)

Read: Microsoft could use AOP to help enforce their Security

Topic: JythonWiki Previous Topic   Next Topic Topic: planet-eclipse.org

Sponsored Links



Google
  Web Artima.com   

Copyright © 1996-2019 Artima, Inc. All Rights Reserved. - Privacy Policy - Terms of Use