Secure OSGi Platform against Service Injection

被引：0

作者：

Kim, Intae ^{[1
]}

Rim, Keewook ^{[2
]}

Lee, Junghyun ^{[1
]}

机构：

[1] Inha Univ, Dept Comp Sci & Informat Technol, 253 Yonghyun Dong, Inchon 402751, South Korea

[2] Sunmoon Univ, Dept Comp & Informat Sci, Asan, Chungnam 336-708, South Korea

来源：

SECURITY TECHNOLOGY, DISASTER RECOVERY AND BUSINESS CONTINUITY | 2010年 / 122卷

关键词：

Service injection; OSGi; Security;

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

OSGi platform provides Java-based open standard programming interface that enables communication and control among devices at home. Service-oriented, component based software systems built using OSGi are extensible and adaptable but they entail new types of security concerns. Security concerns in OSGi platforms can be divided into two basic categories: vulnerabilities in Java cross-platform (or multi-platform) technology and vulnerabilities in the OSGi framework. This paper identifies a new OSGi platform-specific security vulnerability called a service injection attack and proposes two mechanisms of protection against this newly identified security risk in the OSGi framework.

引用

页码：74 / +

页数：3

共 15 条

[1]

[Anonymous], Equinox

[2] Secure and reliable Java']Java-Based middleware - Challenges and solutions [J].

Binder, Walter .

FIRST INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY, PROCEEDINGS, 2006, :662-669

[3]

CZAJKOWSKI G, 2001, P ACM C OBJ OR PROGR, P125

[4]

Gama K, 2009, LECT NOTES COMPUT SC, V5582, P104, DOI 10.1007/978-3-642-02414-6_7

[5]

GEOFFRAY N, 2009, RR6801 INRIA

[6]

GEOFFRAY N, 2008, 1 WORKSH IS INT EMB, P41

[7]

HOWES T, 1997, 2254 IETF RFC

[8]

*KNOPFL OSGI, KNOPFL OSGI OP SOURC

[9]

LOWIS L, 2009, P IEEE WORKSH SEC AS

[10]

*OSGI ALL, 2010, OSGI SERV PLATF COR

← 1 2 →