Java Components Vulnerabilities - An Experimental Classification Targeted at the OSGi Platform
نویسندگان
چکیده
The OSGi Platform nds a growing interest in two di erent applications domains: embedded systems, and applications servers. However, the security properties of this platform are hardly studied, which is likely to hinder its use in production systems. This is all the more important that the dynamic aspect of OSGi-based applications, that can be extended at runtime, make them vulnerable to malicious code injection. We therefore perform a systematic audit of the OSGi platform so as to build a vulnerability catalog that intends to reference OSGi Vulnerabilities originating in the Core Speci cation, and in behaviors related to the use of the Java language. Implementation of Standard Services are not considered. To support this audit, a Semi-formal Vulnerability Pattern is de ned, that enables to uniquely characterize fundamental properties for each vulnerability, to include verbose description in the pattern, to reference known security protections, and to track the implementation status of the proof-of-concept OSGi Bundles that exploit the vulnerability. Based on the analysis of the catalog, a robust OSGi Platform is built, and recommendations are made to enhance the OSGi Speci cations. Key-words: OSGi Platform, Security, Dependability, Java, Hardened Execution Platform, Vulnerability Catalog ∗ This Work is partialy founded by Muse IST Project n°026442. Vulnerabilités des Composants Java Une Classi cation Expérimentale Dans le Cadre de la Plate-forme OSGi Résumé : La plate-forme d'exécution OSGi rencontre un intérêt grandissant dans deux domaines d'applications di érents: les systèmes embarqués, et les serveurs d'applications. Cependant, les propriétés de cette plate-forme relatives à la sécurité ne sont que très peu étudiées, ce qui peut fortement freiner son adoption dans les systèmes industriels. Ceci est d'autant plus critique que la possibilité d'extension dynamique à l'exécution o erte par la plate-forme OSGi rend celle-ci vulnérable à l'injection de code malicieux. Nous e ectuons un audit de l'environnement d'exécution OSGi, a n de créer un catalogue de vulnérabilités. Nous cherchons à référencer les vulnérabilités causées par la spéci cation `Core', ou bien par la machine virtuelle Java sous-jacente. Les autres éléments dé nis par OSGi, comme les services standards, ne sont pas considérés. A n de mener à bien cet audit, nous dé nissons un Pattern de Vulnérabilité semi-formel, qui permet de décrire les caractéristiques des vulnérabilités de manière unique, de donner des informations complémentaires, de référencer les protections existantes, et d'identi er le statut de l'implémentation des Bundles OSGi de tests qui démontrent chaque vulnérabilité. A partir de cette analyse, un plate-forme OSGi robuste est construite, et des recommandations pour les spéci cations OSGi sont données. Mots-clés : Plate-forme OSGi, Sécurité, Java, Plate-forme d'exécution renforcée, Catalogue de Vulnérabilités OSGi Vulnerabilities 3
منابع مشابه
Towards Dynamic Component Isolation in a Service Oriented Platform
When dealing with dynamic component environments such as the OSGi Service Platform, where components can come from different sources and may be known only during runtime, evaluating third party components trustworthiness at runtime is difficult. The traditional namespace based isolation and the security mechanisms provided in the Java platform (the base platform for OSGi) can restrict the acces...
متن کاملSecurity of the OSGi platform
In the last few years we have seen how increasing computational power of electronic devices triggers the functionality growth of the software that runs on them. The natural consequence is that modern software is no longer single-pieced, it becomes, instead, the composition of autonomous components that run on the shared platform. The examples of such platforms are web browsers (such as Google C...
متن کاملFault Tolerance in the OSGi Service Platform
The OSGi Service Platform defines a framework for the deployment of extensible and downloadable Java applications. The framework introduces a management unit, called a bundle, that can be installed, updated, uninstalled, started or stopped without restarting the entire framework. Bundles provide opportunities for increasing the dependability of OSGi based applications in a modular way. This rep...
متن کاملIsolation and Collaboration of Component-based and Service-based Applications
The OSGiTM Service Platform is becoming the de facto standard for modularized Java applications. The market of OSGi based Commercial-off-the-shelf components is continuously growing. OSGi specific problems make it harder to validate such components. The absence of separate object spaces to isolate components may lead to inconsistencies when they are stopped. The platform cannot ensure that obje...
متن کاملA Practical Approach for Finding Stale References in a Dynamic Service Platform
The OSGiTM Service Platform is becoming the de facto standard for modularized Java applications. The market of OSGi based COTS components is continuously growing. OSGi specific problems make it harder to validate such components. The absence of separate object spaces to isolate components may lead to inconsistencies when they are stopped. The platform cannot ensure that objects from a stopped c...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- CoRR
دوره abs/0706.3812 شماره
صفحات -
تاریخ انتشار 2007