(from the abstract of my thesis proposal)

It is inevitable that some concerns crosscut a sizeable application, resulting in code scattering and tangling. This issue is particularly severe for security-related concerns: it is dificult to be confident about the security of an application when the implementation of its security-related concerns is scattered all over the code and tangled with other concerns, making global reasoning about security precarious. In this thesis proposal, we consider the case of access control, a cornerstone of every security architecture, which turns out to be a crosscutting concern with a non-modular implementation based on runtime stack inspection in mainstream languages such as Java and C#. In this thesis we consider the use of aspect-orientation for the modular definition of access control. More precisely, we tackle the issue of specifying access control, including the advanced features associated to it, in a modular way. A modular implementation alleviates maintenance and evolution issues produced by the crosscutting nature of access control, and, more importantly, paves the way to global reasoning about access control.

Personal WEB page:

http://www.rtoledo.cl

For those who like panoramic pictures:

http://panos.rtoledo.cl