• DocumentCode
    1810148
  • Title

    Supporting the Secure Deployment of OSGi Bundles

  • Author

    Parrend, Pierre ; Frenot, Stephane

  • Author_Institution
    INRIA Ares/CITI, INSA-Lyon, F-69621 France, Phone: +33 (0) 04 72 43 71 29, E-mail: pierre.parrend@insa-lyon.fr
  • fYear
    2007
  • fDate
    18-21 June 2007
  • Firstpage
    1
  • Lastpage
    6
  • Abstract
    The OSGi platform is a lightweight management layer over a Java virtual machine that makes runtime extensibility and multi-application support possible in mobile and constraint environments. This powerfull capability opens a particular attack vector against mobile platforms: the installation of malicious OSGi bundles. The first countermeasure is the digital signature of the bundles. We developed a tool suite that supports the signature, the publication and the validation of the bundles in an OSGi framework. Our tools support the publication of bundles onto a remote bundle repository as well as the validation of the signature according to the OSGi R4 specifications. A comparison of existing validation mechanisms shows that our security layer is the only one that is compliant with the specification.
  • Keywords
    Code standards; Digital signatures; Environmental management; Internet; Java; Runtime environment; Security; Software packages; Software standards; Virtual machining;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    World of Wireless, Mobile and Multimedia Networks, 2007. WoWMoM 2007. IEEE International Symposium on a
  • Conference_Location
    Espoo, Finland
  • Print_ISBN
    978-1-4244-0993-8
  • Electronic_ISBN
    978-1-4244-0993-8
  • Type

    conf

  • DOI
    10.1109/WOWMOM.2007.4351681
  • Filename
    4351681
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1810148