Supporting the Secure Deployment of OSGi Bundles
Pierre Parrend, Stephane Frenot.
The First IEEE WoWMoM Workshop on Adaptive and DependAble Mission- and bUsiness-critical mobile Systems
(ADAMUS 2007 - with WoWMoM 2007), Helsinki, Finland, 18 June 2007
Abstract
:
The OSGi platform is a lightweight management
layer over a Java virtual machine that makes
runtime extensibility and multi-application support possible
in mobile and constraint environments. This powerfull
capability opens a particular attack vector against mobile
platforms: the installation of malicious OSGi bundles. The
first countermeasure is the digital signature of the bundles.
We developed a tool suite that supports the signature, the
publication and the validation of the bundles in an OSGi
framework. Our tools support the publication of bundles
onto a remote bundle repository as well as the validation
of the signature according to the OSGi R4 specifications. A
comparison of existing validation mechanisms shows that
our security layer is the only one that is compliant with
the specification.
Keywords : OSGi Plattform, Component Publication and Deployment, dependable mobile systems, business critical execution environments
Paper : pdf file.
Presentation : pdf file.
Bibtex :
@INPROCEEDINGS{parrend2007sfelix,
author = {Pierre Parrend and Stephane Frenot},
title = {Supporting the Secure Deployment of OSGi Bundles},
booktitle = {First IEEE WoWMoM Workshop on Adaptive and DependAble Mission- and
bUsiness-critical mobile Systems, Helsinki, Finland},
year = {2007},
month = {June},
}