Security of the OSGi platform

A. Philippov, O. Gadyatskaya, F. Massacci

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

In the last few years we have seen how increasing computational power of electronic devices triggers the functionality growth of the software that runs on them. The natural consequence is that modern software is no longer single-pieced, it becomes, instead, the composition of autonomous components that run on the shared platform. The examples of such platforms are web browsers (such as Google Chrome), smartphone and smart card operating systems (e.g., Android and Java Card), intelligent vehicle systems or smart homes (usually implemented on OSGi). On one hand, these platforms protect components by isolation, but at the same time, provide methods to share and exchange services. If the components can come from different stakeholders, how do we make sure that one's services would only be invoked by one's authorized siblings? In this PhD proposal we illustrate the problems on the example of OSGi platform. We propose to use the security-by-contract methodology (S×C) for loading time security verification to separate the security from the business logic while controlling access to applications.
Original languageEnglish
Title of host publicationESSoS-DS 2012 - Proceedings of the Doctoral Symposium of the International Symposium on Engineering Secure Software and Systems 2012
Pages11-16
Publication statusPublished - 2012
Externally publishedYes
Event1st Doctoral Symposium on Engineering Secure Software and Systems 2012, ESSoS-DS 2012 - , Netherlands
Duration: 15 Feb 201215 Feb 2012

Publication series

NameCEUR Workshop Proceedings
ISSN (Print)1613-0073

Conference

Conference1st Doctoral Symposium on Engineering Secure Software and Systems 2012, ESSoS-DS 2012
Country/TerritoryNetherlands
Period15/02/1215/02/12

Fingerprint

Dive into the research topics of 'Security of the OSGi platform'. Together they form a unique fingerprint.

Cite this