SlideShare a Scribd company logo

OSGi als App-Plattform - Ein Ausflug durch den Security-Layer

OSGiUsers
OSGiUsers
Technology
1 of 24
Download to read offline
www.neat-it.de OSGi as an App Platform An Excursion through the Security Layer Michael Grammling, M.Sc. Dipl.-Inform (FH)
System Boundaries © Grammling und Müller GbR – neat-IT 2
Packaging Apps • Use a simple container format which can store 1..N bundles (e.g. a JAR or ZIP) • There are open standards available for container formats • However they are often much more complex than needed • Think on using an ApplicationManifest file (e.g. XML based) for meta-information • Think on signing the content of the container © Grammling und Müller GbR – neat-IT 3
Certify Apps • Usually Apps are certified by a certification department • If specific permissions, which the App acquires, are critical, reject the App • Do runtime checks • An automatic certification suite can help (can be complex) • If the App is accepted, deploy it in a clean software repository © Grammling und Müller GbR – neat-IT 4
Sell and Deploy Apps • The customer buys an App in the shop • The app is deployed (e.g. automatically) on the App Platform through a provisioning service (can be part of the App Repository) © Grammling und Müller GbR – neat-IT 5
Protect Access • Usually there are direct connections to the App Platform (e.g. by Telnet, SSH, Web-Client or Rich-Client user interfaces) • Use a proxy service on the App Platform to manage access rights © Grammling und Müller GbR – neat-IT 6
Requirements © Grammling und Müller GbR – neat-IT 7
The OSGi-Specification © Grammling und Müller GbR – neat-IT 8
The Security Layer © Grammling und Müller GbR – neat-IT 9
OSGi Security-Mechanisms ► OSGi Bundle-Authentication ► Bundle-Location ► Bundle-Signatures ► Conditional Permission Admin ► Visibility rules on level of Java packages ► User Admin (part of the OSGi Compendium) © Grammling und Müller GbR – neat-IT 10
OSGi Bundle-Signatures – Overall ► Bundle-Location ► Wires a Bundle with the installation location, which is persisted ► Could be a location in the local file system or an internet address ► Can be simply tampered e.g. by „mount points“ ► Bundle-Signatures ► Authenticates the originator ► Shows modifications on the data itself ► Requires a PKI (Public Key Infrastructure) ► Bundle-Locations as well as Bundle-Signatures can be used for definitions of permissions ► Bundle-Signatures are an optional feature in OSGi © Grammling und Müller GbR – neat-IT 11
Java Key Store ► Is a repository for certificates ► Consists of one file (e.g. with the file extension *.jks) ► Can be managed using the tool „keytool“ from the JDK Schlüssel- und Zertifikatsverwaltungstool Befehle: -certreq -changealias -delete -exportcert -genkeypair -genseckey -gencert -importcert -importkeystore -keypasswd -list -printcert -printcertreq -printcrl -storepasswd Generiert eine Zertifikatanforderung Ändert den Alias eines Eintrags Löscht einen Eintrag Exportiert ein Zertifikat Generiert ein Schlüsselpaar Generiert einen Secret Key Generiert ein Zertifikat aus einer Zertifikatanforderung Importiert ein Zertifikat oder eine Zertifikatkette Importiert einen oder alle Einträge aus einem anderen Keystore Ändert das Schlüsselkennwort eines Eintrags Listet die Einträge in einem Keystore auf Druckt den Content eines Zertifikats Druckt den Content einer Zertifikatanforderung Druckt den Content einer CRL-Datei Ändert das Speicherkennwort eines Keystores "keytool -command_name -help" für Verwendung von command_name verwenden © Grammling und Müller GbR – neat-IT 12
Structure of a Certificate ► Check public key by requesting the Public Authority (Trust Center) ► Check signature: decrypt(public_key, signature) = digest © Grammling und Müller GbR – neat-IT 13
OSGi Bundle-Signature Files ► Resources within the META-INF directory are not signed ► A Bundle can be signed from more than one originator © Grammling und Müller GbR – neat-IT 14
Signing Bundles – jarsigner ► Bundles can be signed using the tool „jarsigner“ from the JDK jarsigner -keystore my-keystore.jks -storepass my-store-password myjar.jar my-alias Warning: The signer certificate will expire within six months. The signer's certificate chain is not validated. © Grammling und Müller GbR – neat-IT 15
Signing Bundles – Maven ► Bundles can be signed using a Maven-Plugin … <build> … <plugins> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-jarsigner-plugin</artifactId> <version>1.2</version> <executions> <execution> <id>sign</id> <goals> <goal>sign</goal> </goals> </execution> </executions> <configuration> <keystore>C:/my-keystore.jks</keystore> <alias>my-alias</alias> <storepass>my-store-password</storepass> <keypass>my-keypassword</keypass> </configuration> </plugin> … </plugins> </build> … © Grammling und Müller GbR – neat-IT 16
Activate the Security-Layer ► System Variables of the JVM Property-Key Value Description java.security.policy <File> Policy file, which the OSGi Service Platform should use itself. org.osgi.framework.security osgi Activates the Security-Layer of OSGi. A specific OSGi Security-Manager is used now. Using this parameter enables also the (Conditional) Permission Admin. org.osgi.framework.trust.repositories <Files> List of Java-Keystores. © Grammling und Müller GbR – neat-IT 17
The Policy File for OSGi ► The file „all.policy“ ► Usually the OSGi-Framework requires full access ► -Djava.security.policy=all.policy ► Take care to restrict the rights of the JVM itself grant { permission java.security.AllPermission; }; © Grammling und Müller GbR – neat-IT 18
Conditional Permission Admin ► Offers authorization during runtime ► Review – Bundle-Signatures: Checks only integrity ► Defining permissions during runtime ► Simplification comparing to Java 2 Security • ALLOW, DENY and reverse rules can be defined ► OSGi specific extensions comparing to Java 2 Security • E.g. setting the permission to register a service © Grammling und Müller GbR – neat-IT 19
Local Permissions of a Bundle ► The developer defines specific permissions for the Bundle ► E.g. Access to the file system or using a service ► Local permissions are defined in the ASCII file „permissions.perm“ in the directory of the Bundle „OSGI-INF“ ► The OSGi Platform ensures that the Bundle gets only these permissions the developer has specified in the „permissions.perm“ file … # Accept exporting and re-importing package of service interface (org.osgi.framework.PackagePermission "de.telekom.connectedhome.services.clock.*" "exportonly,import") # Accept registering a concrete service (org.osgi.framework.ServicePermission "de.telekom.connectedhome.services.clock.TimeService" "register") … © Grammling und Müller GbR – neat-IT 20
Globale Permissions in the System ► Sandboxes can be defined for the OSGi platform for all or a set of Bundles using: ► Bundle signatures ► Bundle location ► Global permissions must be set by using the Conditional Permission Admin service ► The OSGi specification defines also a textual format and a parser for it: … ALLOW { [org.osgi.service.condpermadmin.BundleLocation "file:foo.jar"] (org.osgi.framework.PackagPermission "*" "import") } "allow-all-packages" ALLOW { [org.osgi.service.condpermadmin.BundleSignerCondition "CN=cn, OU=ou, O=o, ST=st, C=c"] (java.security.AllPermission "*" "*") } "allow-all-signed-bundles" … © Grammling und Müller GbR – neat-IT 21
Bundle Protection Domains © Grammling und Müller GbR – neat-IT 22
Permissions in OSGi ► PackagePermission ► Restrict the import- and export of Java packages ► BundlePermission ► Restrict access to Bundles (e.g. Require-Bundle) ► AdminPermission ► Restrict management access (e.g. lifecycle) ► ServicePermission ► Restrict registering and using services © Grammling und Müller GbR – neat-IT 23
Luise-Riegger-Str. 21 ● 76137 Karlsruhe Grammling und Müller GbR www.neat-it.de

Recommended

Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Michael Man
 
Security Bootcamp 2013 - Mitigate DDoS attack with effective cost - Nguyễn Ch...
Security Bootcamp 2013 - Mitigate DDoS attack with effective cost - Nguyễn Ch...Security Bootcamp 2013 - Mitigate DDoS attack with effective cost - Nguyễn Ch...
Security Bootcamp 2013 - Mitigate DDoS attack with effective cost - Nguyễn Ch...
Security Bootcamp
 
Devicemgmt
DevicemgmtDevicemgmt
Devicemgmt
xyxz
 
Blockchain Introduction
Blockchain IntroductionBlockchain Introduction
Blockchain Introduction
Nur Aini Rakhmawati Gunawan
 
XPDS16: XSM-Flask, current limitations and Ongoing work. - Anshul Makkar, Ct...
XPDS16: XSM-Flask, current limitations and Ongoing work. - Anshul Makkar, Ct...XPDS16: XSM-Flask, current limitations and Ongoing work. - Anshul Makkar, Ct...
XPDS16: XSM-Flask, current limitations and Ongoing work. - Anshul Makkar, Ct...
The Linux Foundation
 
Architecture & Functionality for Learning Spaces Website
Architecture & Functionality for Learning Spaces WebsiteArchitecture & Functionality for Learning Spaces Website
Architecture & Functionality for Learning Spaces Website
Pragati Kunwer
 
BlueHat v17 || Mitigations for the Masses: From EMET to Windows Defender Exp...
BlueHat v17 || Mitigations for the Masses: From EMET to Windows Defender Exp...BlueHat v17 || Mitigations for the Masses: From EMET to Windows Defender Exp...
BlueHat v17 || Mitigations for the Masses: From EMET to Windows Defender Exp...
BlueHat Security Conference
 
Cryptography In Silverlight
Cryptography In SilverlightCryptography In Silverlight
Cryptography In Silverlight
Barry Dorrans
 

Recommended

Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...
Michael Man
 
Security Bootcamp 2013 - Mitigate DDoS attack with effective cost - Nguyễn Ch...
Security Bootcamp 2013 - Mitigate DDoS attack with effective cost - Nguyễn Ch...Security Bootcamp 2013 - Mitigate DDoS attack with effective cost - Nguyễn Ch...
Security Bootcamp 2013 - Mitigate DDoS attack with effective cost - Nguyễn Ch...
Security Bootcamp
 
Devicemgmt
DevicemgmtDevicemgmt
Devicemgmt
xyxz
 
Blockchain Introduction
Blockchain IntroductionBlockchain Introduction
Blockchain Introduction
Nur Aini Rakhmawati Gunawan
 
XPDS16: XSM-Flask, current limitations and Ongoing work. - Anshul Makkar, Ct...
XPDS16: XSM-Flask, current limitations and Ongoing work. - Anshul Makkar, Ct...XPDS16: XSM-Flask, current limitations and Ongoing work. - Anshul Makkar, Ct...
XPDS16: XSM-Flask, current limitations and Ongoing work. - Anshul Makkar, Ct...
The Linux Foundation
 
Architecture & Functionality for Learning Spaces Website
Architecture & Functionality for Learning Spaces WebsiteArchitecture & Functionality for Learning Spaces Website
Architecture & Functionality for Learning Spaces Website
Pragati Kunwer
 
BlueHat v17 || Mitigations for the Masses: From EMET to Windows Defender Exp...
BlueHat v17 || Mitigations for the Masses: From EMET to Windows Defender Exp...BlueHat v17 || Mitigations for the Masses: From EMET to Windows Defender Exp...
BlueHat v17 || Mitigations for the Masses: From EMET to Windows Defender Exp...
BlueHat Security Conference
 
Cryptography In Silverlight
Cryptography In SilverlightCryptography In Silverlight
Cryptography In Silverlight
Barry Dorrans
 
Common Security Services. Consolidation patterns for legacy components - Stef...
Common Security Services. Consolidation patterns for legacy components - Stef...Common Security Services. Consolidation patterns for legacy components - Stef...
Common Security Services. Consolidation patterns for legacy components - Stef...
mfrancis
 
Security in OSGi applications: Robust OSGi Platforms, secure Bundles
Security in OSGi applications: Robust OSGi Platforms, secure BundlesSecurity in OSGi applications: Robust OSGi Platforms, secure Bundles
Security in OSGi applications: Robust OSGi Platforms, secure Bundles
Kai Hackbarth
 
Security Policy Enforcement for the OSGi Framework using Aspect-Oriented Pr...
Security Policy Enforcement for the OSGi Framework using Aspect-Oriented Pr...Security Policy Enforcement for the OSGi Framework using Aspect-Oriented Pr...
Security Policy Enforcement for the OSGi Framework using Aspect-Oriented Pr...
Phú Phùng
 
Enabling Java 2 Runtime Security with Eclipse Plug-ins - Ted Habeck, Advisory...
Enabling Java 2 Runtime Security with Eclipse Plug-ins - Ted Habeck, Advisory...Enabling Java 2 Runtime Security with Eclipse Plug-ins - Ted Habeck, Advisory...
Enabling Java 2 Runtime Security with Eclipse Plug-ins - Ted Habeck, Advisory...
mfrancis
 
The Role of the OSGi Gateway in GST Security Objectives and Architecture - An...
The Role of the OSGi Gateway in GST Security Objectives and Architecture - An...The Role of the OSGi Gateway in GST Security Objectives and Architecture - An...
The Role of the OSGi Gateway in GST Security Objectives and Architecture - An...
mfrancis
 
Hilf mir, OBR - Du bist meine letzte Hoffnung!
Hilf mir, OBR - Du bist meine letzte Hoffnung!Hilf mir, OBR - Du bist meine letzte Hoffnung!
Hilf mir, OBR - Du bist meine letzte Hoffnung!
OSGiUsers
 
OSGi Community Update
OSGi Community UpdateOSGi Community Update
OSGi Community Update
OSGiUsers
 
OSGi in the Residential Market
OSGi in the Residential Market OSGi in the Residential Market
OSGi in the Residential Market
OSGiUsers
 
Update OSGi Residential Expert Group
Update OSGi Residential Expert Group Update OSGi Residential Expert Group
Update OSGi Residential Expert Group
OSGiUsers
 
OSGi Alliance Residential Expert Group
OSGi Alliance Residential Expert GroupOSGi Alliance Residential Expert Group
OSGi Alliance Residential Expert Group
OSGiUsers
 
OSGi for In-Vehicle Systems
OSGi for In-Vehicle Systems OSGi for In-Vehicle Systems
OSGi for In-Vehicle Systems
OSGiUsers
 
PojoSR or OSGi (µ)Services For the Rest of Us
PojoSR or OSGi (µ)Services For the Rest of UsPojoSR or OSGi (µ)Services For the Rest of Us
PojoSR or OSGi (µ)Services For the Rest of Us
OSGiUsers
 
Building Secure OSGi Applications
Building Secure OSGi ApplicationsBuilding Secure OSGi Applications
Building Secure OSGi Applications
Marcel Offermans
 
Open Services Gateway Initiative (OSGI)
Open Services Gateway Initiative (OSGI)Open Services Gateway Initiative (OSGI)
Open Services Gateway Initiative (OSGI)
Peter R. Egli
 
Sia door supervisor training 5
Sia door supervisor training 5Sia door supervisor training 5
Sia door supervisor training 5
hilario859
 
OSGi Web Development in Action
OSGi Web Development in Action OSGi Web Development in Action
OSGi Web Development in Action
OSGiUsers
 
OSGi IoT Demo & Contest 2015
OSGi IoT Demo & Contest 2015OSGi IoT Demo & Contest 2015
OSGi IoT Demo & Contest 2015
mfrancis
 
Privacy_Engineering_Privacy Assurance_Lecture-Ecole_Polytechnic_Nice_SA-20150127
Privacy_Engineering_Privacy Assurance_Lecture-Ecole_Polytechnic_Nice_SA-20150127Privacy_Engineering_Privacy Assurance_Lecture-Ecole_Polytechnic_Nice_SA-20150127
Privacy_Engineering_Privacy Assurance_Lecture-Ecole_Polytechnic_Nice_SA-20150127
Frank Dawson
 
Raising information security awareness
Raising information security awarenessRaising information security awareness
Raising information security awareness
Terranovatraining
 
Gfk Smart Home Studie
Gfk Smart Home StudieGfk Smart Home Studie
Gfk Smart Home Studie
myDLS
 
Practical security In a modular world
Practical security In a modular worldPractical security In a modular world
Practical security In a modular world
Martin Toshev
 
Essentials of PCI Assessment
Essentials of PCI Assessment Essentials of PCI Assessment
Essentials of PCI Assessment
Gazzang
 

More Related Content

Viewers also liked

Security in OSGi applications: Robust OSGi Platforms, secure Bundles
Security in OSGi applications: Robust OSGi Platforms, secure BundlesSecurity in OSGi applications: Robust OSGi Platforms, secure Bundles
Security in OSGi applications: Robust OSGi Platforms, secure Bundles
Kai Hackbarth
 
The Role of the OSGi Gateway in GST Security Objectives and Architecture - An...
The Role of the OSGi Gateway in GST Security Objectives and Architecture - An...The Role of the OSGi Gateway in GST Security Objectives and Architecture - An...
The Role of the OSGi Gateway in GST Security Objectives and Architecture - An...
mfrancis
 
Hilf mir, OBR - Du bist meine letzte Hoffnung!
Hilf mir, OBR - Du bist meine letzte Hoffnung!Hilf mir, OBR - Du bist meine letzte Hoffnung!
Hilf mir, OBR - Du bist meine letzte Hoffnung!
OSGiUsers
 
OSGi Community Update
OSGi Community UpdateOSGi Community Update
OSGi Community Update
OSGiUsers
 
OSGi in the Residential Market
OSGi in the Residential Market OSGi in the Residential Market
OSGi in the Residential Market
OSGiUsers
 
Update OSGi Residential Expert Group
Update OSGi Residential Expert Group Update OSGi Residential Expert Group
Update OSGi Residential Expert Group
OSGiUsers
 
OSGi Alliance Residential Expert Group
OSGi Alliance Residential Expert GroupOSGi Alliance Residential Expert Group
OSGi Alliance Residential Expert Group
OSGiUsers
 
OSGi for In-Vehicle Systems
OSGi for In-Vehicle Systems OSGi for In-Vehicle Systems
OSGi for In-Vehicle Systems
OSGiUsers
 
PojoSR or OSGi (µ)Services For the Rest of Us
PojoSR or OSGi (µ)Services For the Rest of UsPojoSR or OSGi (µ)Services For the Rest of Us
PojoSR or OSGi (µ)Services For the Rest of Us
OSGiUsers
 
Building Secure OSGi Applications
Building Secure OSGi ApplicationsBuilding Secure OSGi Applications
Building Secure OSGi Applications
Marcel Offermans
 
Open Services Gateway Initiative (OSGI)
Open Services Gateway Initiative (OSGI)Open Services Gateway Initiative (OSGI)
Open Services Gateway Initiative (OSGI)
Peter R. Egli
 
Sia door supervisor training 5
Sia door supervisor training 5Sia door supervisor training 5
Sia door supervisor training 5
hilario859
 
OSGi Web Development in Action
OSGi Web Development in Action OSGi Web Development in Action
OSGi Web Development in Action
OSGiUsers
 
Privacy_Engineering_Privacy Assurance_Lecture-Ecole_Polytechnic_Nice_SA-20150127
Privacy_Engineering_Privacy Assurance_Lecture-Ecole_Polytechnic_Nice_SA-20150127Privacy_Engineering_Privacy Assurance_Lecture-Ecole_Polytechnic_Nice_SA-20150127
Privacy_Engineering_Privacy Assurance_Lecture-Ecole_Polytechnic_Nice_SA-20150127
Frank Dawson
 

Viewers also liked (20)

Common Security Services. Consolidation patterns for legacy components - Stef...
Common Security Services. Consolidation patterns for legacy components - Stef...Common Security Services. Consolidation patterns for legacy components - Stef...
Common Security Services. Consolidation patterns for legacy components - Stef...
 
Security in OSGi applications: Robust OSGi Platforms, secure Bundles
Security in OSGi applications: Robust OSGi Platforms, secure BundlesSecurity in OSGi applications: Robust OSGi Platforms, secure Bundles
Security in OSGi applications: Robust OSGi Platforms, secure Bundles
 
Security Policy Enforcement for the OSGi Framework using Aspect-Oriented Pr...
Security Policy Enforcement for the OSGi Framework using Aspect-Oriented Pr...Security Policy Enforcement for the OSGi Framework using Aspect-Oriented Pr...
Security Policy Enforcement for the OSGi Framework using Aspect-Oriented Pr...
 
Enabling Java 2 Runtime Security with Eclipse Plug-ins - Ted Habeck, Advisory...
Enabling Java 2 Runtime Security with Eclipse Plug-ins - Ted Habeck, Advisory...Enabling Java 2 Runtime Security with Eclipse Plug-ins - Ted Habeck, Advisory...
Enabling Java 2 Runtime Security with Eclipse Plug-ins - Ted Habeck, Advisory...
 
The Role of the OSGi Gateway in GST Security Objectives and Architecture - An...
The Role of the OSGi Gateway in GST Security Objectives and Architecture - An...The Role of the OSGi Gateway in GST Security Objectives and Architecture - An...
The Role of the OSGi Gateway in GST Security Objectives and Architecture - An...
 
Hilf mir, OBR - Du bist meine letzte Hoffnung!
Hilf mir, OBR - Du bist meine letzte Hoffnung!Hilf mir, OBR - Du bist meine letzte Hoffnung!
Hilf mir, OBR - Du bist meine letzte Hoffnung!
 
OSGi Community Update
OSGi Community UpdateOSGi Community Update
OSGi Community Update
 
OSGi in the Residential Market
OSGi in the Residential Market OSGi in the Residential Market
OSGi in the Residential Market
 
Update OSGi Residential Expert Group
Update OSGi Residential Expert Group Update OSGi Residential Expert Group
Update OSGi Residential Expert Group
 
OSGi Alliance Residential Expert Group
OSGi Alliance Residential Expert GroupOSGi Alliance Residential Expert Group
OSGi Alliance Residential Expert Group
 
OSGi for In-Vehicle Systems
OSGi for In-Vehicle Systems OSGi for In-Vehicle Systems
OSGi for In-Vehicle Systems
 
PojoSR or OSGi (µ)Services For the Rest of Us
PojoSR or OSGi (µ)Services For the Rest of UsPojoSR or OSGi (µ)Services For the Rest of Us
PojoSR or OSGi (µ)Services For the Rest of Us
 
Building Secure OSGi Applications
Building Secure OSGi ApplicationsBuilding Secure OSGi Applications
Building Secure OSGi Applications
 
Open Services Gateway Initiative (OSGI)
Open Services Gateway Initiative (OSGI)Open Services Gateway Initiative (OSGI)
Open Services Gateway Initiative (OSGI)
 
Sia door supervisor training 5
Sia door supervisor training 5Sia door supervisor training 5
Sia door supervisor training 5
 
OSGi Web Development in Action
OSGi Web Development in Action OSGi Web Development in Action
OSGi Web Development in Action
 
OSGi IoT Demo & Contest 2015
OSGi IoT Demo & Contest 2015OSGi IoT Demo & Contest 2015
OSGi IoT Demo & Contest 2015
 
Privacy_Engineering_Privacy Assurance_Lecture-Ecole_Polytechnic_Nice_SA-20150127
Privacy_Engineering_Privacy Assurance_Lecture-Ecole_Polytechnic_Nice_SA-20150127Privacy_Engineering_Privacy Assurance_Lecture-Ecole_Polytechnic_Nice_SA-20150127
Privacy_Engineering_Privacy Assurance_Lecture-Ecole_Polytechnic_Nice_SA-20150127
 
Raising information security awareness
Raising information security awarenessRaising information security awareness
Raising information security awareness
 
Gfk Smart Home Studie
Gfk Smart Home StudieGfk Smart Home Studie
Gfk Smart Home Studie
 

Similar to OSGi als App-Plattform - Ein Ausflug durch den Security-Layer

Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
mfrancis
 
Autopilot : Securing Cloud Native Storage
Autopilot : Securing Cloud Native StorageAutopilot : Securing Cloud Native Storage
Autopilot : Securing Cloud Native Storage
SF Bay Cloud Native Open Infra Meetup
 
Hacking IoT with EXPLIoT Framework
Hacking IoT with EXPLIoT FrameworkHacking IoT with EXPLIoT Framework
Hacking IoT with EXPLIoT Framework
Priyanka Aash
 
OSGi made simple - Fuse Application Bundles
OSGi made simple - Fuse Application BundlesOSGi made simple - Fuse Application Bundles
OSGi made simple - Fuse Application Bundles
Rob Davies
 
XPDDS17: EFI Secure Boot, Shim and Xen: Current Status and Developments - Da...
XPDDS17: EFI Secure Boot, Shim and Xen: Current Status and Developments - Da...XPDDS17: EFI Secure Boot, Shim and Xen: Current Status and Developments - Da...
XPDDS17: EFI Secure Boot, Shim and Xen: Current Status and Developments - Da...
The Linux Foundation
 

Similar to OSGi als App-Plattform - Ein Ausflug durch den Security-Layer (20)

Practical security In a modular world
Practical security In a modular worldPractical security In a modular world
Practical security In a modular world
 
Essentials of PCI Assessment
Essentials of PCI Assessment Essentials of PCI Assessment
Essentials of PCI Assessment
 
Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
Do not disturb my circles! Secure Application Isolation with OSGi - Mirko Jah...
 
Resilient IoT Security: The end of flat security models
Resilient IoT Security: The end of flat security modelsResilient IoT Security: The end of flat security models
Resilient IoT Security: The end of flat security models
 
Oracle Solaris 11 - Best for Enterprise Applications
Oracle Solaris 11 - Best for Enterprise ApplicationsOracle Solaris 11 - Best for Enterprise Applications
Oracle Solaris 11 - Best for Enterprise Applications
 
#Interactive Session by Kirti Ranjan Satapathy and Nandini K, "Elements of Qu...
#Interactive Session by Kirti Ranjan Satapathy and Nandini K, "Elements of Qu...#Interactive Session by Kirti Ranjan Satapathy and Nandini K, "Elements of Qu...
#Interactive Session by Kirti Ranjan Satapathy and Nandini K, "Elements of Qu...
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3
 
Study notes for CompTIA Certified Advanced Security Practitioner
Study notes for CompTIA Certified Advanced Security PractitionerStudy notes for CompTIA Certified Advanced Security Practitioner
Study notes for CompTIA Certified Advanced Security Practitioner
 
Securing Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container PlatformSecuring Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container Platform
 
Android 5.0 Lollipop platform change investigation report
Android 5.0 Lollipop platform change investigation reportAndroid 5.0 Lollipop platform change investigation report
Android 5.0 Lollipop platform change investigation report
 
Placing backdoors-through-firewalls
Placing backdoors-through-firewallsPlacing backdoors-through-firewalls
Placing backdoors-through-firewalls
 
Autopilot : Securing Cloud Native Storage
Autopilot : Securing Cloud Native StorageAutopilot : Securing Cloud Native Storage
Autopilot : Securing Cloud Native Storage
 
Security best practices for hyperledger fabric
Security best practices for hyperledger fabric Security best practices for hyperledger fabric
Security best practices for hyperledger fabric
 
Hacking IoT with EXPLIoT Framework
Hacking IoT with EXPLIoT FrameworkHacking IoT with EXPLIoT Framework
Hacking IoT with EXPLIoT Framework
 
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...
 
OSGi made simple - Fuse Application Bundles
OSGi made simple - Fuse Application BundlesOSGi made simple - Fuse Application Bundles
OSGi made simple - Fuse Application Bundles
 
XPDDS17: EFI Secure Boot, Shim and Xen: Current Status and Developments - Da...
XPDDS17: EFI Secure Boot, Shim and Xen: Current Status and Developments - Da...XPDDS17: EFI Secure Boot, Shim and Xen: Current Status and Developments - Da...
XPDDS17: EFI Secure Boot, Shim and Xen: Current Status and Developments - Da...
 
Why ClouDoc to protect CAD files?
Why ClouDoc to protect CAD files? Why ClouDoc to protect CAD files?
Why ClouDoc to protect CAD files?
 
Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...
Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...
Guidelines to Improve the Robustness of the OSGi Framework and Its Services A...
 
Security Mechanisms for Precious Data Protection of Divergent Heterogeneous G...
Security Mechanisms for Precious Data Protection of Divergent Heterogeneous G...Security Mechanisms for Precious Data Protection of Divergent Heterogeneous G...
Security Mechanisms for Precious Data Protection of Divergent Heterogeneous G...
 

Recently uploaded

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 

Recently uploaded (20)

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

OSGi als App-Plattform - Ein Ausflug durch den Security-Layer

  • 1. www.neat-it.de OSGi as an App Platform An Excursion through the Security Layer Michael Grammling, M.Sc. Dipl.-Inform (FH)
  • 2. System Boundaries © Grammling und Müller GbR – neat-IT 2
  • 3. Packaging Apps • Use a simple container format which can store 1..N bundles (e.g. a JAR or ZIP) • There are open standards available for container formats • However they are often much more complex than needed • Think on using an ApplicationManifest file (e.g. XML based) for meta-information • Think on signing the content of the container © Grammling und Müller GbR – neat-IT 3
  • 4. Certify Apps • Usually Apps are certified by a certification department • If specific permissions, which the App acquires, are critical, reject the App • Do runtime checks • An automatic certification suite can help (can be complex) • If the App is accepted, deploy it in a clean software repository © Grammling und Müller GbR – neat-IT 4
  • 5. Sell and Deploy Apps • The customer buys an App in the shop • The app is deployed (e.g. automatically) on the App Platform through a provisioning service (can be part of the App Repository) © Grammling und Müller GbR – neat-IT 5
  • 6. Protect Access • Usually there are direct connections to the App Platform (e.g. by Telnet, SSH, Web-Client or Rich-Client user interfaces) • Use a proxy service on the App Platform to manage access rights © Grammling und Müller GbR – neat-IT 6
  • 7. Requirements © Grammling und Müller GbR – neat-IT 7
  • 8. The OSGi-Specification © Grammling und Müller GbR – neat-IT 8
  • 9. The Security Layer © Grammling und Müller GbR – neat-IT 9
  • 10. OSGi Security-Mechanisms ► OSGi Bundle-Authentication ► Bundle-Location ► Bundle-Signatures ► Conditional Permission Admin ► Visibility rules on level of Java packages ► User Admin (part of the OSGi Compendium) © Grammling und Müller GbR – neat-IT 10
  • 11. OSGi Bundle-Signatures – Overall ► Bundle-Location ► Wires a Bundle with the installation location, which is persisted ► Could be a location in the local file system or an internet address ► Can be simply tampered e.g. by „mount points“ ► Bundle-Signatures ► Authenticates the originator ► Shows modifications on the data itself ► Requires a PKI (Public Key Infrastructure) ► Bundle-Locations as well as Bundle-Signatures can be used for definitions of permissions ► Bundle-Signatures are an optional feature in OSGi © Grammling und Müller GbR – neat-IT 11
  • 12. Java Key Store ► Is a repository for certificates ► Consists of one file (e.g. with the file extension *.jks) ► Can be managed using the tool „keytool“ from the JDK Schlüssel- und Zertifikatsverwaltungstool Befehle: -certreq -changealias -delete -exportcert -genkeypair -genseckey -gencert -importcert -importkeystore -keypasswd -list -printcert -printcertreq -printcrl -storepasswd Generiert eine Zertifikatanforderung Ändert den Alias eines Eintrags Löscht einen Eintrag Exportiert ein Zertifikat Generiert ein Schlüsselpaar Generiert einen Secret Key Generiert ein Zertifikat aus einer Zertifikatanforderung Importiert ein Zertifikat oder eine Zertifikatkette Importiert einen oder alle Einträge aus einem anderen Keystore Ändert das Schlüsselkennwort eines Eintrags Listet die Einträge in einem Keystore auf Druckt den Content eines Zertifikats Druckt den Content einer Zertifikatanforderung Druckt den Content einer CRL-Datei Ändert das Speicherkennwort eines Keystores "keytool -command_name -help" für Verwendung von command_name verwenden © Grammling und Müller GbR – neat-IT 12
  • 13. Structure of a Certificate ► Check public key by requesting the Public Authority (Trust Center) ► Check signature: decrypt(public_key, signature) = digest © Grammling und Müller GbR – neat-IT 13
  • 14. OSGi Bundle-Signature Files ► Resources within the META-INF directory are not signed ► A Bundle can be signed from more than one originator © Grammling und Müller GbR – neat-IT 14
  • 15. Signing Bundles – jarsigner ► Bundles can be signed using the tool „jarsigner“ from the JDK jarsigner -keystore my-keystore.jks -storepass my-store-password myjar.jar my-alias Warning: The signer certificate will expire within six months. The signer's certificate chain is not validated. © Grammling und Müller GbR – neat-IT 15
  • 16. Signing Bundles – Maven ► Bundles can be signed using a Maven-Plugin … <build> … <plugins> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-jarsigner-plugin</artifactId> <version>1.2</version> <executions> <execution> <id>sign</id> <goals> <goal>sign</goal> </goals> </execution> </executions> <configuration> <keystore>C:/my-keystore.jks</keystore> <alias>my-alias</alias> <storepass>my-store-password</storepass> <keypass>my-keypassword</keypass> </configuration> </plugin> … </plugins> </build> … © Grammling und Müller GbR – neat-IT 16
  • 17. Activate the Security-Layer ► System Variables of the JVM Property-Key Value Description java.security.policy <File> Policy file, which the OSGi Service Platform should use itself. org.osgi.framework.security osgi Activates the Security-Layer of OSGi. A specific OSGi Security-Manager is used now. Using this parameter enables also the (Conditional) Permission Admin. org.osgi.framework.trust.repositories <Files> List of Java-Keystores. © Grammling und Müller GbR – neat-IT 17
  • 18. The Policy File for OSGi ► The file „all.policy“ ► Usually the OSGi-Framework requires full access ► -Djava.security.policy=all.policy ► Take care to restrict the rights of the JVM itself grant { permission java.security.AllPermission; }; © Grammling und Müller GbR – neat-IT 18
  • 19. Conditional Permission Admin ► Offers authorization during runtime ► Review – Bundle-Signatures: Checks only integrity ► Defining permissions during runtime ► Simplification comparing to Java 2 Security • ALLOW, DENY and reverse rules can be defined ► OSGi specific extensions comparing to Java 2 Security • E.g. setting the permission to register a service © Grammling und Müller GbR – neat-IT 19
  • 20. Local Permissions of a Bundle ► The developer defines specific permissions for the Bundle ► E.g. Access to the file system or using a service ► Local permissions are defined in the ASCII file „permissions.perm“ in the directory of the Bundle „OSGI-INF“ ► The OSGi Platform ensures that the Bundle gets only these permissions the developer has specified in the „permissions.perm“ file … # Accept exporting and re-importing package of service interface (org.osgi.framework.PackagePermission "de.telekom.connectedhome.services.clock.*" "exportonly,import") # Accept registering a concrete service (org.osgi.framework.ServicePermission "de.telekom.connectedhome.services.clock.TimeService" "register") … © Grammling und Müller GbR – neat-IT 20
  • 21. Globale Permissions in the System ► Sandboxes can be defined for the OSGi platform for all or a set of Bundles using: ► Bundle signatures ► Bundle location ► Global permissions must be set by using the Conditional Permission Admin service ► The OSGi specification defines also a textual format and a parser for it: … ALLOW { [org.osgi.service.condpermadmin.BundleLocation "file:foo.jar"] (org.osgi.framework.PackagPermission "*" "import") } "allow-all-packages" ALLOW { [org.osgi.service.condpermadmin.BundleSignerCondition "CN=cn, OU=ou, O=o, ST=st, C=c"] (java.security.AllPermission "*" "*") } "allow-all-signed-bundles" … © Grammling und Müller GbR – neat-IT 21
  • 22. Bundle Protection Domains © Grammling und Müller GbR – neat-IT 22
  • 23. Permissions in OSGi ► PackagePermission ► Restrict the import- and export of Java packages ► BundlePermission ► Restrict access to Bundles (e.g. Require-Bundle) ► AdminPermission ► Restrict management access (e.g. lifecycle) ► ServicePermission ► Restrict registering and using services © Grammling und Müller GbR – neat-IT 23
  • 24. Luise-Riegger-Str. 21 ● 76137 Karlsruhe Grammling und Müller GbR www.neat-it.de