Advanced OSGi Security Layer

Authors:
Chi-Chih Huang;Pang-Chieh Wang;Ting-Wei Hou
Affiliations:
Cheng Kung University, Taiwan;Cheng Kung University, Taiwan;Cheng Kung University, Taiwan
Venue:
AINAW '07 Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops - Volume 02
Year:
2007

Citing 0
Cited 2

Security benchmarks of OSGi platforms: toward Hardened OSGi

Software—Practice & Experience
A survey on approaches for addressing dependability attributes in the OSGi service platform

ACM SIGSOFT Software Engineering Notes

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper first discusses the inner security of OSGi and proposes an Advanced OSGi Security Layer to prevent services from attacking the OSGi platform. We review the existing threats in Java security and we rephrase the threats within OSGi service level. A rule-based control list and a threat detector are introduced to the OSGi framework. A software sensor is deployed in our design which detects service behaviors. The behaviors can be analyzed by the Detector, which notifies the Response Manager to perform pre-defined rules. Malicious services that are harmful to other services or OSGi framework can be stopped so that other services work safely in the open environment.