Skip to Main Content
In this paper, we investigate the use of Java annotations for software security purposes. In particular, we implement a framework for content validation where the validation tests are specified by annotations. This approach allows to tag what properties to validate directly in the application code and eliminates the need for external XML configuration files. Furthermore, the testing code is still kept separate from the application code, hence facilitating the creation and reuse of custom tests. The main novelty of this framework consists in the possibility of defining tests for the validation of multiple and interdependent properties. The flexibility and reusability of tests are also improved by allowing composition and boolean expressions. The main result of the paper is a flexible framework for content-validation based on Java annotations.
Date of Conference: 9-15 May 2010