Security-Enhanced OSGi service environments

IEEE Transactions on Systems, Man and Cybernetics Part C: Applications and Reviews

Volumn 39, Issue 5, 2009, Pages 562-571

  Ahn, Gail Joon ^a   Hu, Hongxin ^a   Jin, Jing ^b  

^a AZ 85281   (United States)

^b University of North Carolina at Charlotte   (United States)

Author keywords

Authorization; OSGi service; Role based management; Security

Indexed keywords

AUTHORIZATION; AUTHORIZATION FRAMEWORKS; CRITICAL ISSUES; HOME NETWORKS; NETWORK DEVICES; NETWORK ENVIRONMENTS; OPEN SERVICES GATEWAY INITIATIVES; OPEN SOURCE IMPLEMENTATION; OSGI FRAMEWORK; OSGI SERVICE; PERSONAL EQUIPMENTS; PROOF OF CONCEPT; ROLE-BASED ACCESS CONTROL; ROLE-BASED MANAGEMENT; SECURITY; SECURITY REQUIREMENTS; SENSITIVE INFORMATIONS; SERVICE ENVIRONMENT;

GATEWAYS (COMPUTER NETWORKS); LOCAL AREA NETWORKS; PERSONAL COMMUNICATION SYSTEMS; SECURITY SYSTEMS;

ACCESS CONTROL;

EID: 69549105973     PISSN: 10946977     EISSN: None     Source Type: Journal    
DOI: 10.1109/TSMCC.2009.2020437     Document Type: Article

References (24)

1. Digital Living Network Alliance. (2003). [Online]. Available: http:// www.dlna.org/home
2. Knopflerfish. Knopflerfish Open Source OSGi. (2006). [Online]. Available: http://www.knopflerfish.org/index.html
3. OSGi Alliance. OSGi Initiative. (1999). [Online]. Available: http://www.osgi.org.
4. Sun Microsystems, Inc. Sun's XACML implementation. (2004). [Online]. Available: http://sunxacml.sourceforge.net/
5. UPnP Forum. UPnP Standards for Device Security and Security Console (2003). [Online]. Available: http://www.upnp.org/standardizeddcps/security.asp
6. G.-J. Ahn and R. S. Sandhu, "Role-based authorization constraints specification," ACM Trans. Inf. Syst. Security, vol. 3, no. 4, pp. 207-226, Nov. 2000.
7. E. Bertino, L. Khan, R. Sandhu, and B. Thuraisingham, "Secure knowledge management: Confidentiality, trust, and privacy," IEEE Trans. Syst., Man, Cybern. A, Syst., Humans, vol. 36, no. 3, pp. 429-438, May 2006.
8. E.-A. Cho, C.-J. Moon, D.-H. Park, and D.-K. Baik, "Access control policy management framework based on RBAC in OSGi service platform," in Proc. 6th IEEE Int. Conf. Comput. Inf. Technol. (CIT 2006), IEEE Computer Society, Washington, DC, 2006, pp. 161-166.
9. E.-A. Cho, C.-J. Moon, D.-H. Park, and D.-K. Baik, "An effective policy management framework using RBAC model for service platform based on components," in Proc. 4th Int. Conf. Softw. Eng. Res., Manage. Appl. (SERA 2006), IEEE Computer Society, Washington, DC, 2006, pp. 281-288.
10. C. M. Ellison, "Home network security," Intel Technol. J., vol. 6, no. 4, pp. 37-48, 2002.
11. T. Jaeger, "On the increasing importance of constraints," in Proc. 4th ACM Workshop Role-based Access Contr., 1999, pp. 33-42.
12. S. Jajodia, P. Samarati, V. S. Subrahmanian, and E. Bertino, "A unified framework for enforcing multiple access control policies," in Proc. ACM SIGMOD Int. Conf. Manage. Data, 1997, pp. 474-485.
13. C. Lee, D. Nordstedt, and S. Helal, "Enabling smart spaces with OSGi," IEEE Pervasive Comput., vol. 2, no. 3, pp. 94-98, Jul.-Sep. 2003.
14. H.-Y. Lim, Y.-G. Kim, C.-J. Moon, and D.-K. Baik, "Bundle authentication and authorization using XML security in the OSGi service platform," in Proc. 4th Annu. ACIS Int. Conf. Comput. Inf. Sci. (ICIS 2005), IEEE Computer Society, Washington, DC, 2005, pp. 502-507.
15. M. Lorch, D. B. Adams, D. Kafura, M. S. R. Koneni, A. Rathi, and S. Shah, "The prima system for privilege management, authorization and enforcement in grid environments," presented at the 4th Int. Workshop Grid Comput., Phoenix, AR, 2003.
16. OASIS, XACML 2.0 Core: EXtensible Access Control Markup Language (XACML) Version 2.0. (2005). [Online]. Available: http:// docs.oasisopen.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf
17. OSGi, User Admin Service Specification Version 1.1. (2006). [Online]. Available: http://www.osgi.org
18. R. Sandhu, "The ntree: A two dimension partial order for protection groups," ACM Trans. Comput. Syst., vol. 6, no. 2, pp. 197-222, May 1988.
19. R. Sandhu, E. Coyne, H. Feinstein, and C. Youman, "Role-based access control model," IEEE Comput., vol. 2, no. 29, pp. 38-47, Feb. 1996.
20. R. Sandhu and Q. Munawer, "How to do discretionary access control using roles," in Proc. 3rd ACM workshop Role-Based Access Contr., Aug. 1999, pp. 47-54.
21. R. S. Sandhu, "Lattice-based access control models," IEEE Comput. vol. 26, no. 11, pp. 9-19, Nov. 1993.
22. R. S. Sandhu and P. Samarati, "Access control: Principles and practice," IEEE Commun. Mag., vol. 32, no. 9, pp. 40-48, Sep. 1994.
23. C. Wu, C. Liao, and L. Fu, "Service-oriented smart-home architecture based on OSGi and mobile-agent technology," IEEE Trans. Syst., Man, Cybern. C, Appl. Rev., vol. 37, no. 2, pp. 193-205, Mar. 2007.
24. H. Zhu and M. Zhou, "Roles in information systems: A survey," IEEE Trans. Syst., Man, Cybern. C, Appl. Rev., vol. 38, no. 3, pp. 377-396, May 2008.