CPL - Chalmers Publication Library
| Utbildning | Forskning | Styrkeområden | Om Chalmers | In English In English Ej inloggad.

Security Policy Enforcement for the OSGi Framework Using Aspect-Oriented Programming

Phu H. Phung (Institutionen för data- och informationsteknik (Chalmers)) ; David Sands (Institutionen för data- och informationsteknik, Datavetenskap (Chalmers))
Proceedings of the 32nd Annual International Computer Software and Applications Conference (COMPSAC 2008), 28 July - 01 August 2008, Turku, Finland. IEEE Computer Society 2008 (0730-3157). p. 1076-1082. (2008)
[Konferensbidrag, refereegranskat]

The lifecycle mismatch between vehicles and their IT system poses a problem for the automotive industry. Such systems need to be open and extensible to provide customised functionalities and services. What is less clear is how to achieve this with quality and security guarantees. Recent studies in language-based security -- the use of programming language technology to enforce application specific security policies -- show that security policy enforcement mechanisms such as inlined reference monitors provide a potential solution for security in extensible systems. In this paper we study the implementation of security policy enforcement using aspect-oriented programming for the OSGi (Open Services Gateway initiative) framework. We identify classes of reference monitor-style policies that can be defined and enforced using AspectJ, a well-known aspect-oriented programming language. We demonstrate the use of security states to describe history-based policies. We also introduce and implement various levels of security states in Java to describe session level history versus global application level history. We illustrate the effectiveness of the implementation by deploying the security policy enforcement solution in an example scenario of software downloading in a standard vehicle system.

Nyckelord: Security Policy Enforcement, Vehicle software security, OSGi, aspect-oriented programming



Denna post skapades 2008-08-04. Senast ändrad 2009-01-06.
CPL Pubid: 72657