Security Policy Enforcement for the OSGi Framework Using Aspect-Oriented Programming
Paper i proceeding, 2008

The lifecycle mismatch between vehicles and their IT system poses a problem for the automotive industry. Such systems need to be open and extensible to provide customised functionalities and services. What is less clear is how to achieve this with quality and security guarantees. Recent studies in language-based security -- the use of programming language technology to enforce application specific security policies -- show that security policy enforcement mechanisms such as inlined reference monitors provide a potential solution for security in extensible systems. In this paper we study the implementation of security policy enforcement using aspect-oriented programming for the OSGi (Open Services Gateway initiative) framework. We identify classes of reference monitor-style policies that can be defined and enforced using AspectJ, a well-known aspect-oriented programming language. We demonstrate the use of security states to describe history-based policies. We also introduce and implement various levels of security states in Java to describe session level history versus global application level history. We illustrate the effectiveness of the implementation by deploying the security policy enforcement solution in an example scenario of software downloading in a standard vehicle system.

Vehicle software security

aspect-oriented programming

Security Policy Enforcement



Phu Phung

Chalmers, Data- och informationsteknik, Programvaruteknik (Chalmers)

David Sands

Chalmers, Data- och informationsteknik, Datavetenskap

Proceedings of the 32nd Annual International Computer Software and Applications Conference (COMPSAC 2008), 28 July - 01 August 2008, Turku, Finland. IEEE Computer Society 2008

0730-3157 (ISSN)




Mer information