Browse > Article

Verification and Implementation of a Service Bundle Authentication Mechanism in the OSGi Service Platform Environment  

김영갑 (고려대학교 컴퓨터학과)
문창주 (고려대학교 컴퓨터학)
박대하 ((주)시큐리티테크놀로지스 연구)
백두권 (고려대학교 정보통신대학)
Publication Information
Journal of KIISE:Computer Systems and Theory / v.31, no.1_2, 2004 , pp. 27-40 More about this Journal
Abstract
The OSGi service platform has several characteristics as in the followings. First, the service is deployed in the form of self-installable component called service bundle. Second, the service is dynamic according to its life-cycle and has interactions with other services. Third, the system resources of a home gateway are restricted. Due to these characteristics of a home gateway, there are a lot of rooms for malicious services can be Installed, and further, the nature of service can be changed. It is possible for those service bundles to influence badly on service gateways and users. However, there is no service bundle authentication mechanism considering those characteristics for the home gateway In this paper, we propose a service bundle authentication mechanism considering those characteristics for the home gateway environment. We design the mechanism for sharing a key which transports a service bundle safely in bootstrapping step that recognize and initialize equipments. And we propose the service bundle authentication mechanism based on MAC that use a shared secret created in bootstrapping step. Also we verify the safety of key sharing mechanism and service bundle authentication mechanism using a BAN Logic. This service bundle authentication mechanism Is more efficient than PKI-based service bundle authentication mechanism or RSH protocol in the service platform which has restricted resources such as storage spaces and operations.
Keywords
BAN Logic; Signed JAR; OSGi(Open Service Gateway initiative); Authentication; Key Exchange; Bundle; MAC(Message Authentication Code); BAN Logic; Signed JAR; OSGi(Open Service Gateway initiative);
Citations & Related Records
Times Cited By KSCI : 4  (Citation Analysis)
연도 인용수 순위
1 Marc Branchaud, 'A Survey of Public Key Infrastructures,' Department of Computer Science, McGill University, Montreal, 1997
2 OSGi, 'Secure Provisioning Data Transport using Http,' RFC36, http://www.osgi.org/, 2002
3 William Stallings, 'Cryptography and Network Security,' Pearson Education, 2002
4 John Clark, Jeremy Jacob, 'A Surbey of Authentication Protocol Literature: Version 1.0,' University of York, Department of Computer Science, November 1997
5 OSGi, 'OSGi Service Gateway Specification -Release 2.0' http://www.osgi.org, 2001
6 OSGi, 'RFC 18 - Security Architecture Specification' Draft, http://www.osgi.org/member, 2001
7 Sun, JAR Feature, http://java.sun.com/j2se/l.4/docs/guide/jar/, 2001
8 Michael Burrows, Martin Abadi, Roger Needham, 'A Logic of Authentication,' Digital Equipment Corporation, 1989
9 Jan Wessels, Cmg Finance B.V. 'Applications of BAN-Logic,' 2001
10 George Coluouris, et. al., 'Distributed System,' Edition 2, 1994
11 A.D. Rubin, P. Honeyman, 'Formal Methods for the Analysis of Authentication Protocols,' CITI Technical Report 93-7, 1993
12 H. Krawczyk et. al., 'HMAC: Keyed-Hashing for Message Authentication,' RFC 2104, February 1997
13 김영갑, 문창주, 박대하, 백두권, 'OSGi 서비스 프레임워크 환경에서의 서비스 번들 인증 메커니즘', 정보과학회지, 제29권, 제1호, page 868-870, 2002   과학기술학회마을
14 Jess Garms, Daniel Somerfield, 'Professional Java Security,' WROX, 2001
15 M. Pistoia, et. al., 'Java 2 Network Security,' Second edition, Prentice Hall, 1999
16 Java Embedded Server 2.0, 'http://wwws.sun.com/software/embeddedserver/index.html'
17 Fielding, R., et. al, 'Hypertext Transfer Protocol - HTTP/1.1, IETF RFC 2616, June 1999
18 Java Cryptography Library, J/LOCK, 'http://www.stitec.com/product/ejlock.html'
19 Ericsson's e-box system-An electronic services enabler. 'http://www.ericsson.com/about/publica-tions/review/1999_01/files/1999015.pdf'
20 전경석, 문창주, 박대하, 백두권, 'OSGi Service Framework 환경에서 사용자 인증 방법', 정보과학회지, 제29권, 제1호, page 865-867, 2002   과학기술학회마을
21 Kirk Chen, Li Gong 'Programming Open Service Gateways with Java Embedded Server Technology,' Sun, 2001