Security for Distributed Web-Applications via Aspect-Oriented Programming

Identity Management is becoming more and more important in business systems as they are opened for third parties including trading partners, consumers and suppliers. This paper presents an approach securing a system without any knowledge of the system source code. The security module adds to the existing system authentication and authorisation based on aspect oriented programming and the liberty alliance framework, an upcoming industrie standard providing single sign on. In an initial training phase the module is adapted to the application which is to be secured. Moreover the use of hardware tokens and proactive computing is demonstrated. The high modularisation is achived through use of AspectJ, a programming language extension of Java.