Advanced OSGi Security Layer

This paper first discusses the inner security of OSGi and proposes an advanced OSGi security layer to prevent services from attacking the OSGi platform. We review the existing threats in Java security and we rephrase the threats within OSGi service level. A rule-based control list and a threat detector are introduced to the OSGi framework. A software sensor is deployed in our design which detects service behaviors. The behaviors can be analyzed by the detector, which notifies the response manager to perform pre-defined rules. Malicious services that are harmful to other services or OSGi framework can be stopped so that other services work safely in the open environment.