Component-based Access Control: Secure Software Composition through Static Analysis
Pierre Parrend and Stephane Frenot
7th International Symposium on Software Composition, 29-30 March 2008, Budapest, Hungary
Abstract:
Extensible Component Platforms support the discovery, installation,
starting, and uninstallation of components at runtime. Since they
are often targeted at mobile resource-constrained devices, they have both
strong performance and security requirements. The current security model
for Java systems, Permissions, is based on call stack analysis. It
proves to be very time-consuming, which makes it difficult to use in
production environments.
We therefore define the Component-Based Access Control (CBAC) Security
Model, which aims at emulating Java Permissions through static
analysis at the installation phase of the components. CBAC is based on a
fully declarative approach that makes it possible to tag arbitrary methods
as sensitive. A formal model is defined to guarantee that a given
component has sufficient access rights, and that dependencies between
components are taken into account. A first implementation of the model
is provided for the OSGi Platform, using the ASM library for code analysis.
Performance tests show that the cost of CBAC at install time is
negligible, because it is executed together with digital signature
verification, which is much more costly. Moreover, contrary to Java
Permissions, the CBAC security model does not imply any runtime overhead.
Keywords: Software Security, Component Middleware, Static Analysis, OSGi Platform
Appendix: pdf file
@INPROCEEDINGS{parrend08cbac,
author = {Pierre Parrend and Stephane Frenot},
title = {Component-based Access Control: Secure Software Composition through
Static Analysis},
booktitle = {7th International Symposium on Software Composition},
year = {2008},
editor = {Springer},
volume = {4954/2008},
series = {LNCS},
pages = {68-83},
address = {Budapest},
month = {March},
url = {http://www.springerlink.com/content/k282223p57n56273/}
}