Towards Dynamic Component Isolation in a Service Oriented Platform

  • Conference paper
Component-Based Software Engineering (CBSE 2009)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 5582)

Abstract

In dynamic component environments such as the OSGi Service Platform, where components can come from different sources and may be known only at runtime, evaluating the trustworthiness of third-party components at runtime is difficult. The traditional namespace-based isolation and the security mechanisms provided by the Java platform (the base platform for OSGi) can restrict the access of such components but cannot provide fault isolation. In this paper we present a dynamic component isolation approach for the OSGi platform, based on a recently standardized Java mechanism. When an untrusted component is activated at runtime, it is isolated in a fault-contained environment but can still collaborate with the application. If it is observed that the untrusted code does not pose any threat to the application, it can be dynamically promoted to the safe environment at runtime. Tests were performed in a controlled environment in which misbehaving components hosted in the sandbox were not able to disturb the main application.

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gama, K., Donsez, D. (2009). Towards Dynamic Component Isolation in a Service Oriented Platform. In: Lewis, G.A., Poernomo, I., Hofmeister, C. (eds) Component-Based Software Engineering. CBSE 2009. Lecture Notes in Computer Science, vol 5582. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02414-6_7

  • DOI: https://doi.org/10.1007/978-3-642-02414-6_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-02413-9

  • Online ISBN: 978-3-642-02414-6

  • eBook Packages: Computer Science, Computer Science (R0)
