CPL - Chalmers Publication Library
| Utbildning | Forskning | Styrkeområden | Om Chalmers | In English In English Ej inloggad.

Security Policy Enforcement for the OSGi Framework Using Aspect-Oriented Programming

Phu H. Phung (Institutionen för data- och informationsteknik, Programvaruteknik (Chalmers)) ; David Sands (Institutionen för data- och informationsteknik, Datavetenskap (Chalmers))
Proceedings of the 32nd Annual International Computer Software and Applications Conference (COMPSAC 2008), 28 July - 01 August 2008, Turku, Finland. IEEE Computer Society 2008 (0730-3157). p. 1076-1082. (2008)
[Konferensbidrag, refereegranskat]

The lifecycle mismatch between vehicles and their IT system poses a problem for the automotive industry. Such systems need to be open and extensible to provide customised functionalities and services. What is less clear is how to achieve this with quality and security guarantees. Recent studies in language-based security -- the use of programming language technology to enforce application specific security policies -- show that security policy enforcement mechanisms such as inlined reference monitors provide a potential solution for security in extensible systems. In this paper we study the implementation of security policy enforcement using aspect-oriented programming for the OSGi (Open Services Gateway initiative) framework. We identify classes of reference monitor-style policies that can be defined and enforced using AspectJ, a well-known aspect-oriented programming language. We demonstrate the use of security states to describe history-based policies. We also introduce and implement various levels of security states in Java to describe session level history versus global application level history. We illustrate the effectiveness of the implementation by deploying the security policy enforcement solution in an example scenario of software downloading in a standard vehicle system.

Nyckelord: Security Policy Enforcement, Vehicle software security, OSGi, aspect-oriented programming

Denna post skapades 2008-08-04. Senast ändrad 2017-09-14.
CPL Pubid: 72657


Läs direkt!

Länk till annan sajt (kan kräva inloggning)

Institutioner (Chalmers)

Institutionen för data- och informationsteknik, Programvaruteknik (Chalmers) (2008-2010)
Institutionen för data- och informationsteknik, Datavetenskap (Chalmers)



Chalmers infrastruktur

Relaterade publikationer

Denna publikation ingår i:

Lightweight Inlined Reference Monitors for Securing Extensible and Open Systems

Lightweight Enforcement of Fine-Grained Security Policies for Untrusted Software