Component-based access control: secure software composition through static analysis

  • Authors:

  • Pierre Parrend;Stéphane Frénot

  • Affiliations:

  • INRIA, ARES, CITI, INSA-Lyon, France;INRIA, ARES, CITI, INSA-Lyon, France

  • Venue:
  • SC'08 Proceedings of the 7th international conference on Software composition
  • Year:
  • 2008

Quantified Score

Hi-index 0.00

Visualization

Abstract

Extensible Component Platforms support the discovery, installation, starting, uninstallation of components at runtime. Since they are often targeted at mobile resource-constrained devices, they have both strong performance and security requirements. The current security model for Java systems - Permissions - is based on call stack analysis. This is very time-consuming, which makes it difficult to use in production environments. We therefore define the Component-Based Access Control (CBAC) Security Model, which emulates Java Permissions through static analysis at the installation phase of the components. CBAC is based on a fully declarative approach that makes it possible to tag arbitrary methods as sensitive. A formal model is defined to guarantee that a given component have sufficient access rights, and that dependencies between components are taken into account. A first implementation of the model is provided for the OSGi Platform, using the ASM library for code analysis. Performance tests show that the cost of CBAC at install time is negligible, since it is executed together with digital signature verification which is much more costly. Moreover, unlike Java Permissions, the CBAC security model does not have any runtime overhead.