Published by sumedhshejole, 2022-12-17 01:24:06


A Service Bundle Authentication Mechanism in the OSGi Service Platform

Young-Gab Kim, Chang-Joo Moon, Dae-Ha Park, Doo-Kwon Baik
Department of Computer Science and Engineering, Korea University

1,5-ga, Anam-dong, SungBuk-gu, 136-701, Seoul, Korea
Email : {ygkim, mcj}@software.korea.ac.kr, [email protected], [email protected]

Abstract

The services in the OSGi framework environment are deployed dynamically according to the service gateway and the life-cycle of a service bundle. Services also have interactions with other services. In this paper, we propose a bundle authentication mechanism that considers the characteristics of the home gateway environment. We design a key exchange mechanism and propose a service bundle authentication mechanism based on a MAC that uses a shared secret created in the bootstrapping step. The service bundle authentication mechanism we propose is more efficient than the PKI-based bundle authentication mechanism or the RSH protocol in the service platform, which has restricted resources such as storage space and operations.

1. Introduction

The Open Service Gateway initiative (OSGi) is a standardization group that defines an open standard for connecting the coming generation of smart consumer and small business appliances with commercial internet services. The OSGi was founded in March, 1999. Fifteen companies were the original founders and there are currently more than fifty companies.

The primary goal of the OSGi service framework is to use the Java programming language's platform independence and dynamic code-loading capacity to make development and dynamic deployment of applications for small-memory devices easier. It also provides life-cycle management functionality that permits application developers to partition applications into small self-installable components. These components are called bundles. Bundles can be downloaded on demand and removed when they are no longer needed. When a bundle is installed and activated in the Framework, it can register any number of services that can be used by other bundles.

Existing network services are supplied in the form of components between the server that supplies the services and the client. Those services are supplied in a static environment. In contrast, the services in the OSGi framework environment are deployed dynamically according to the service gateway and the life-cycle of a service bundle. Services also have interactions with other services. Due to this characteristic, there is plenty of room for malicious services to be installed by unauthorized operators and, further, the nature of services can be changed illegally. Thus, it is possible for those service bundles to maliciously influence service gateways and users.

Currently, authentication of service bundles relies on a Public Key Infrastructure (PKI)[1], and the OSGi recommends the Remote communication in a Secure way based on HTTP (RSH) protocol[2]. But PKI-based service bundle authentication is not appropriate for the OSGi Service Platform, which has restricted resources such as storage space and operations, because it may perform public-key operations such as RSA or DSA and check the validity of certificates in cooperation with an external Certification Authority (CA). Also, the basic idea of the RSH protocol is that it bases authentication and encryption on Message Authentication Codes (MACs)[3] applied to all the data that is transported between an operator and a service gateway. Therefore, it is expected to perform poorly when the service bundle becomes large. To overcome this limitation, in this paper we propose a MAC-based service bundle authentication mechanism.

Mutual authentication[4] is necessary between an operator and a service gateway before MAC-based service bundle authentication. A shared secret created in the mutual authentication is then used to create a MAC. In this paper, we design a mechanism for exchanging a key, which allows a service bundle to be transported safely, in the bootstrapping step that recognizes and initializes equipment. We then propose a service bundle authentication mechanism based on a MAC that uses the shared secret created in the bootstrapping step.


Proceedings of the 18th International Conference on Advanced Information Networking and Application (AINA’04)
0-7695-2051-0/04 $ 20.00 © 2004 IEEE


The structure of this paper is as follows. In chapter 2, we explain the OSGi service framework and describe the OSGi security structure. In chapter 3, we propose the key exchange mechanism for service bundle authentication, and the service bundle authentication mechanism is explained in chapter 4. In chapter 5, we show an evaluation of those mechanisms. Lastly, we describe the result of this research and future work.

2. OSGi Service Platform

In this chapter, we explain the structure of the OSGi service framework, the OSGi security structure, and the RSH protocol for performing Secure Provisioning Data Transport to a service platform.

2.1 The Structure of the OSGi Service Framework

The OSGi announced the release of OSGi Service Platform Release 3[5] in March, 2003. This specification is designed to support all home network standards such as Bluetooth, CAL, CEBus, Convergence, emNET, HAVi, HomePNA, HomePlug, HomeRF and Jini. It can also be executed on a home gateway or another device such as a personal computer.

The whole structure of the OSGi Service Platform is shown in Figure 1.

[Figure 1 labels: Home User, Other User, Service Provider 1 ... Service Provider n, Operator, Bundle Repository, Service Gateway, Bundle 1 ... Bundle n, OSGi Service Framework]

Figure 1. The structure of OSGi service platform

The service provider is a service development company, such as an electrical company that provides an energy service at home, and plays a role in creating and supplying service bundles. The operator is an enterprise that manages the service gateway and the services, where the service gateway is installed at the user's home and can also be referred to as a home gateway. The user, as a principal, can access the home network and home equipment using the service gateway.

The key entities in the framework are services, bundles and bundle contexts. The services are Java classes that perform certain functionality, usually written as an interface with its implementation separated. A service is a self-contained component, accessible via a defined service interface. In the OSGi model, an application is composed of services that cooperate with each other, and the services can extend their functionality at runtime by requesting more services that are required. The bundles are the functional and deployment units for providing services. A bundle is deployed as a JAR file that contains services and other resources. It represents a functional component when installed and activated in the framework. The bundle contexts are the execution environments of the bundles in the framework. They are created by the framework when the bundle is activated. Bundle contexts are used to install new bundles into the framework and to register services in the framework's registry.

2.2 The OSGi Security Architecture

The security structure that the OSGi recommends is based on a PKI solution[6]. A CA is responsible for transmitting certificates to all of the OSGi entities. The certificates and the associated keys are used for authentication, integrity and confidentiality.

The operator ought to authenticate a particular service gateway, and the service gateway ought to authenticate the operator, in a bootstrapping step before a bundle is downloaded and installed into the OSGi framework. The bootstrap process is still under development by other working groups and its operation is not yet finalized.

As mentioned above, OSGi does not present a mutual authentication between the operator and the service gateway in the bootstrapping step, nor a definite mechanism for service bundle authentication. Therefore, in this paper, we present a mechanism for exchanging a key that allows a service bundle to be transported safely in the bootstrapping step, and the service bundle authentication mechanism, in chapters 3 and 4.

2.3 Transport Protocols

OSGi proposes a remote communication method used to perform the secure provisioning of data transport to a service platform. Data transports may be performed using one of the following protocols: HTTP[7], HTTPS[7], RSH (Remote communication in a secure way based on Http). The basic idea of the RSH protocol is that it bases authentication and encryption on MACs that have been derived from a secret that has been shared between the service platform and the operator prior to the start of the protocol execution. Thus, the RSH protocol performs authentication and encryption on all the data being transported between the service platform and the operator using the MACs. As a result, it consumes a lot of system resources when the size of the data being transferred is large, since it spends a lot of time making the MACs. Furthermore, it performs authentication and encryption of all the data being sent and received, which is often unnecessary. Also, it doesn't provide a way of exchanging a symmetric key between the service gateway and the operator.

The RSH protocol recommended by the OSGi is described as follows. A client generates a nonce, stores it somewhere and denotes it clientfg. The client sends the clientfg to the server. The server generates a nonce, denotes it serverfg, and calculates an authentication key based on an HMAC function, the shared secret, the received clientfg, the serverfg and the authentication constant. Likewise, the server calculates an encryption key using an HMAC function[8], the shared secret, the received clientfg, the serverfg and the encryption constant. The server encrypts the response data using the encryption key derived in the previous step, and calculates a MAC using an HMAC function, the encrypted response data and the authentication key. Finally, the server sends a response to the client containing the serverfg, the MAC and the encrypted response data. The client calculates the encryption key the same way the server did and uses this to decrypt the encrypted response data. The serverfg value received in the response is used in the calculation. The client performs the calculation of the MAC in the same way the server did and checks that this matches the received MAC. If they do not match, further processing is discarded. The serverfg value received in the response is used in the calculation.

We improve on the RSH protocol to remove its limitations. Furthermore, we propose MAC-based service bundle authentication, which is suitable for the OSGi platform. We will show the comparisons between the RSH protocol and MAC-based service bundle authentication in chapter 5.

3. The Key Exchange Mechanism in the OSGi Platform

Authentication between the service gateway and the operator is necessary before the service gateway supplies a service to the home user. In this paper, we propose a key exchange mechanism that generates a shared secret key for authenticating service bundles via a mutual authentication of the service gateway and the operator in the bootstrapping step.

3.1 The Key Exchange Mechanism using a Symmetric-key

The key exchange mechanism is a method that encrypts the user's authentication ticket and supports the integrity of the service bundle by sharing a secure shared secret between the operator and the service gateway. It generates the shared secret key after bootstrapping of the service gateway. The shared secret key is refreshed whenever the service gateway requests a new service, to minimize the risk of attack. Figure 2 presents the key exchange mechanism for generating a shared secret key in the bootstrapping step. It encrypts a nonce NSG generated in the service gateway and a nonce NOP generated in the operator using a public key (KSG, KOP) or the symmetric key KSG_OP. We show the mutual authentication and the way to generate the shared secret key using the proposed mechanism.

The key exchange mechanism using a symmetric key uses the same key (a symmetric key) to encrypt and decrypt the nonces (NSG, NOP) and the timestamp, which are all generated in the service gateway and in the operator.

Figure 2 shows the key exchange mechanism in the bootstrapping step.

[Figure 2 diagram: two columns, Service Gateway and Operator, exchanging messages in steps (1) to (12). The service gateway generates a random nonce NSG; values built from IDSG, IDOP, NSG and NOP are encrypted (E) and decrypted (D) with KOP / -KOP, KSG / -KSG or KSG_OP and transmitted; each side compares the returned nonce with the one it generated.]

(12) Shared Secret = H(NSG|NOP)

Figure 2. The key exchange mechanisms in bootstrapping step

IDSG, IDOP : Identifications of a service gateway and an operator
NSG, NOP : Nonces generated in a service gateway and an operator
KOP, KSG : A public key of a service gateway and an operator
-KOP, -KSG : A private key corresponding to the public key
KSG_OP : A symmetric key between a service gateway and an operator

Through the steps (7) and (11), we can confirm that the service gateway and the operator authenticate each other. Also, we can confirm that the shared secret key is created between the service gateway and the operator.
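
The symmetric-key exchange of Section 3.1 can be followed in code. The Java program below is an added example, not the authors' implementation: it assumes AES-GCM for E/D, SHA-256 for H, a length-prefixed field layout inside each message and constructed identifiers (none of which the paper specifies), and it leaves out the timestamp.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Arrays;

public class BootstrapKeyExchange {
    static final SecureRandom RNG = new SecureRandom();
    static final int IV_LEN = 12, NONCE_LEN = 16;

    static byte[] nonce() {
        byte[] n = new byte[NONCE_LEN];
        RNG.nextBytes(n);
        return n;
    }

    // E: length-prefix each field, encrypt under K_SG_OP, return IV || ciphertext || tag.
    static byte[] seal(SecretKey k, byte[]... fields) throws GeneralSecurityException {
        int len = 0;
        for (byte[] f : fields) len += 4 + f.length;
        ByteBuffer pt = ByteBuffer.allocate(len);
        for (byte[] f : fields) pt.putInt(f.length).put(f);
        byte[] iv = new byte[IV_LEN];
        RNG.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, k, new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(pt.array());
        return ByteBuffer.allocate(IV_LEN + ct.length).put(iv).put(ct).array();
    }

    // D: authenticate and decrypt, then split the plaintext back into `count` fields.
    static byte[][] open(SecretKey k, byte[] msg, int count) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, k, new GCMParameterSpec(128, msg, 0, IV_LEN));
        ByteBuffer pt = ByteBuffer.wrap(c.doFinal(msg, IV_LEN, msg.length - IV_LEN));
        byte[][] out = new byte[count][];
        for (int i = 0; i < count; i++) {
            out[i] = new byte[pt.getInt()];
            pt.get(out[i]);
        }
        return out;
    }

    // Step (12): Shared Secret = H(N_SG | N_OP); SHA-256 is this example's choice of H.
    static byte[] sharedSecret(byte[] nSg, byte[] nOp) throws GeneralSecurityException {
        MessageDigest h = MessageDigest.getInstance("SHA-256");
        h.update(nSg);
        return h.digest(nOp);
    }

    public static void main(String[] args) throws Exception {
        SecretKey kSgOp = new SecretKeySpec(nonce(), "AES");       // stands in for K_SG_OP
        byte[] idSg = "SG-0001".getBytes(StandardCharsets.UTF_8);  // constructed identifiers
        byte[] idOp = "OP-0001".getBytes(StandardCharsets.UTF_8);
        // Service gateway: fresh N_SG, send E(ID_SG, ID_OP, N_SG).
        byte[] nSg = nonce();
        byte[] m1 = seal(kSgOp, idSg, idOp, nSg);
        // Operator: decrypt, check identities, reply E(ID_OP, ID_SG, N_SG, N_OP).
        byte[][] r1 = open(kSgOp, m1, 3);
        if (!Arrays.equals(r1[0], idSg) || !Arrays.equals(r1[1], idOp))
            throw new SecurityException("unexpected identities");
        byte[] nOp = nonce();
        byte[] m2 = seal(kSgOp, idOp, idSg, r1[2], nOp);
        // Service gateway, step (7): the echoed N_SG proves the operator holds K_SG_OP.
        byte[][] r2 = open(kSgOp, m2, 4);
        if (!MessageDigest.isEqual(r2[2], nSg))
            throw new SecurityException("operator not authenticated");
        byte[] m3 = seal(kSgOp, r2[3]);
        // Operator, step (11): the echoed N_OP proves the gateway holds K_SG_OP.
        if (!MessageDigest.isEqual(open(kSgOp, m3, 1)[0], nOp))
            throw new SecurityException("service gateway not authenticated");
        // Step (12): each side hashes the two nonces it now holds.
        byte[] atGateway = sharedSecret(nSg, r2[3]);
        byte[] atOperator = sharedSecret(r1[2], nOp);
        System.out.println("shared secrets equal: " + Arrays.equals(atGateway, atOperator));
    }
}
```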

3.2 The Key Exchange Mechanism using a Public-key



The key exchange mechanism using a public key is like that using a symmetric key. The difference between the two mechanisms is that the service gateway (or the operator) encrypts and decrypts a nonce (NSG, NOP) using the public key (KSG, KOP) and the private key (-KSG, -KOP) in the key exchange mechanism using a public key. We compare the two mechanisms in chapter 5.

4. The Service Bundle Authentication Mechanism in the OSGi Service Platform

Before we explain the service bundle authentication mechanism, we show a global structure of service bundle authentication and protection domain allocation in the OSGi service platform in Figure 2. The service provider supplies signed service bundles (that is, Signed JAR files[9]) to the operator (<1>, <2>). At that time, the operator verifies the signed JAR file based on PKI (<3>). The operator saves the verified bundles to a signed bundle repository. Non-verified bundles are saved to a temporary bundle repository (<4>).

[Figure 3 labels: Service Provider, Operator, Service Gateway, Secure Channel, Web Server, OSGi Framework, Admin, Global Security Policy, Refined Policy, Base Policy, Code Base, Keystore, Temp Bundle Repository, Signed Bundle Repository, Local Storage; actions: Request B's bundle, Return B's bundle, Authenticate B's bundle, Store B's bundle, Migrate B's bundle, Load B's bundle, Request class B, Search for class B, Load class B, Verify class B's integrity, Define class B, Assign protection domain for class B; steps <1> to <4> and (1) to (8)]

Figure 3. A global structure of service bundle authentication and protection domain allocation in the OSGi platform

When a user requests a service ((1)), the service gateway first looks for the service in local storage ((2)). If the service is not in local storage, the service gateway requests the service from the operator ((3)). The service is then dynamically moved and installed into the service gateway, if the requested service was located in the signed bundle repository ((4)~(6)). At that time, the service gateway and the operator create a secure transport channel, based on a MAC key, and transport the service bundle. Before the service is executed from local storage, the Java ClassLoader verifies a class's integrity ((6)~(7)). Furthermore, the protection domain is allocated by the policy file ((8)).

The service bundle is provided in the form of a JAR file between the service gateway and the operator. So, the authentication of the service bundle can be performed by verifying a signature in the JAR file. Generally, in PKI-based authentication the JAR signature is created using a developer's private key and verified using the developer's public certificate. But this PKI-based authentication mechanism may execute a public-key calculation and needs to work together with the Certificate Authorities to verify the validity of a certificate. Thus, it is not suitable for the OSGi service platform, which has restricted resources such as storage space and operations. Considering this limitation, MAC-based authentication, which uses the shared authentication key (MAC key), is more efficient than PKI-based authentication. So, in this paper, we propose using the MAC key for authenticating a service bundle.

First of all, the service gateway should share a symmetric key with the operator in advance and vice versa. In order to share the key, as was mentioned earlier, the service gateway and the operator should authenticate each other with their registered system key after the service gateway has bootstrapped. Then they use the mechanism that uses the shared symmetric key (the shared secret) for authenticating a service bundle. Figure 4 shows the MAC-based service bundle authentication mechanism.

[Figure 4 labels: SP, OP, SG; Request Bundle; Transmit; Signed JAR containing Classes, Manifest File, Signature File and Signature Block File; Shared Secret, NSG and NOP with H producing a MAC; Compare!! of the MACs; steps <1> and (1) to (6)]

Figure 4. MAC-based service bundle authentication mechanism

The MAC generated in the bootstrapping step is the basis of the MAC-based service bundle mechanism. The MAC is generated by a keyed hash function called the HMAC function. Sun provides two kinds of HMAC algorithm, HmacMD5 and HmacSHA1, and we use the HmacSHA1 algorithm for implementing the MAC-based service bundle mechanism in this paper. As input to the HMAC calculations, a service gateway generated nonce (NSG), an operator generated nonce (NOP) and the shared secret key generated in bootstrap are used.
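
The check that Figure 4 places at the service gateway can be written out as follows. This Java program (Java 9 or later) is an added example, not the authors' code: the MAC input order N_SG || N_OP || manifest bytes, the per-entry `SHA-256-Digest` manifest attribute and the in-memory bundle are assumptions made for the illustration. Because the MAC covers only the manifest, the example also checks every JAR entry against the digest the manifest records for it.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.io.*;
import java.security.*;
import java.util.*;
import java.util.jar.*;
import java.util.zip.*;

public class ManifestMacCheck {
    static final String MF = "META-INF/MANIFEST.MF";

    // Assumed layout: HMAC-SHA1 keyed with the shared secret over N_SG || N_OP || manifest.
    static byte[] mac(byte[] secret, byte[] nSg, byte[] nOp, byte[] manifest)
            throws GeneralSecurityException {
        Mac m = Mac.getInstance("HmacSHA1");
        m.init(new SecretKeySpec(secret, "HmacSHA1"));
        m.update(nSg);
        m.update(nOp);
        return m.doFinal(manifest);
    }

    static Map<String, byte[]> readEntries(byte[] jar) throws IOException {
        Map<String, byte[]> out = new LinkedHashMap<>();
        try (ZipInputStream z = new ZipInputStream(new ByteArrayInputStream(jar))) {
            for (ZipEntry e; (e = z.getNextEntry()) != null; )
                if (!e.isDirectory() && out.put(e.getName(), z.readAllBytes()) != null)
                    throw new IOException("duplicate entry " + e.getName());
        }
        return out;
    }

    // Gateway side: accept only if the MAC matches and every entry matches its manifest digest.
    static boolean verify(byte[] jar, byte[] tag, byte[] secret, byte[] nSg, byte[] nOp)
            throws IOException, GeneralSecurityException {
        Map<String, byte[]> entries = readEntries(jar);
        byte[] mf = entries.remove(MF);
        if (mf == null || !MessageDigest.isEqual(mac(secret, nSg, nOp, mf), tag)) return false;
        Map<String, Attributes> listed = new Manifest(new ByteArrayInputStream(mf)).getEntries();
        if (!entries.keySet().equals(listed.keySet())) return false; // added or missing files
        for (Map.Entry<String, byte[]> e : entries.entrySet()) {
            String want = listed.get(e.getKey()).getValue("SHA-256-Digest");
            byte[] got = MessageDigest.getInstance("SHA-256").digest(e.getValue());
            if (want == null || !MessageDigest.isEqual(Base64.getDecoder().decode(want), got))
                return false; // the MAC covers only the manifest, so content is checked here
        }
        return true;
    }

    // Constructed sample bundle: one entry whose manifest digest is taken over `digested`.
    static byte[] buildJar(byte[] content, byte[] digested)
            throws IOException, GeneralSecurityException {
        Manifest m = new Manifest();
        m.getMainAttributes().put(Attributes.Name.MANIFEST_VERSION, "1.0");
        Attributes a = new Attributes();
        a.putValue("SHA-256-Digest", Base64.getEncoder().encodeToString(
                MessageDigest.getInstance("SHA-256").digest(digested)));
        m.getEntries().put("B.class", a);
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (JarOutputStream j = new JarOutputStream(bos, m)) {
            j.putNextEntry(new JarEntry("B.class"));
            j.write(content);
            j.closeEntry();
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        byte[] secret = new byte[20], nSg = new byte[16], nOp = new byte[16];
        SecureRandom r = new SecureRandom();
        r.nextBytes(secret); r.nextBytes(nSg); r.nextBytes(nOp);
        byte[] good = {(byte) 0xCA, (byte) 0xFE, 1}, swapped = {(byte) 0xCA, (byte) 0xFE, 2};
        byte[] jar = buildJar(good, good);
        byte[] tag = mac(secret, nSg, nOp, readEntries(jar).get(MF)); // operator attaches this
        System.out.println("intact bundle: " + verify(jar, tag, secret, nSg, nOp));
        System.out.println("class swapped: " + verify(buildJar(swapped, good), tag, secret, nSg, nOp));
        nSg[0] ^= 1; // the same tag presented for a different request nonce
        System.out.println("stale nonce:   " + verify(jar, tag, secret, nSg, nOp));
    }
}
```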



As can be seen in step <1> in Figure 3, the operator cuts the signature file and signature block file out of the Signed JAR file when the operator registers services from the service provider. As a result, the size of the service bundle becomes small, which can improve the speed of transporting the services from the operator to the service gateway.

Through the steps from (1) to (6), the service gateway can check the integrity of the service bundle by comparing the MAC generated by the service gateway with the MAC received from the operator. These MACs can improve the security because new MACs are generated whenever the service gateway requests a service from the operator.

5. Evaluation

In this paper, we presented a key exchange mechanism and a service bundle authentication mechanism for the service bundle. The key exchange mechanism using a public key is easy to manage and distribute, and a key can be easily renewed. But the speed of encryption, decryption and transmission is slow because the size of the key is big and the public-key algorithm relies on one key for encryption and a different but related key for decryption. Furthermore, it consumes many resources to verify a certificate and compute the many operations required. On the other hand, the key exchange mechanism using a symmetric key uses the same key to encrypt and decrypt. Consequently, encryption and decryption are fast. Furthermore, the speed of transmission is fast because the size of the key is smaller than that of a public key. Therefore, considering the speed of operation and the size of the data transported in the network, the key exchange mechanism based on a symmetric key is more efficient than that based on a public key in the OSGi framework, whose resources are limited. Also, the key exchange mechanism based on a symmetric key is easy to implement and can be built with smaller expense than that of a public key.

Table 1 shows comparisons between the PKI-based service bundle authentication mechanism and the MAC-based service bundle authentication mechanism. The service bundle in PKI-based service bundle authentication is supplied without authenticating the bundle at the operator's side. Thus, to authenticate the service bundle, a public-key operation such as RSA or DSA takes place in the OSGi framework. Also, the service gateway checks the validity of the certificate in cooperation with an external Certificate Authority (CA). These operations take many resources and consequently the speed of authentication is slower. On the other hand, in MAC-based service bundle authentication, the operator receives a service bundle from the service provider, verifies the service bundle based on PKI and then finally transmits the service bundle, with the attached MAC, to the service gateway. Thus, the service gateway can authenticate the integrity of the service bundle by comparing only the MACs, which are created by the service gateway and the operator. As a result, the speed of authentication is much faster. Also, the freshness of a MAC value, and consequently the security, can be high because the MAC value is created whenever the service gateway requests the service bundle.

Table 1. Comparisons between PKI-based and MAC-based bundle authentication

Method of PKI-based MAC-based
service bundle Operator
authentication Service
Gateway
Subject of
Authentication

Object of Service Operator
Authentication Provider High
High
Speed of Low High
authentication Medium

Freshness of key Low

Degree of
operator's
participation

Table 2 shows comparisons between the RSH protocol and the MAC-based service bundle authentication mechanism. The RSH protocol bases authentication and encryption on MACs applied to all of the data being transported between the operator and the service gateway. Therefore, the service bundle is bigger, and more time is needed for encryption and decryption. Also, these operations take place on any data, including data which may be unnecessary to encrypt and decrypt.

Furthermore, a key exchange mechanism is not proposed in the RSH protocol. On the other hand, in the case of the MAC-based service bundle authentication mechanism, the operator cuts the signature file and signature block file out of the service bundle (Signed JAR file) when the operator registers the service bundle. Then, instead of the signature file, the operator adds a MAC to the service bundle. This MAC is not a hash value of the total service bundle, but a hash value of the manifest file in the service bundle (Signed JAR file). Furthermore, the speed of transmission and authentication can be improved by eliminating the encryption and decryption of the RSH protocol.



Table 2. Comparisons between RSH protocol and MAC-based service bundle authentication mechanism

Protocol | RSH protocol | MAC-based
Range of processed data | All transporting data between the service gateway and the operator | Only manifest file in the service bundle
Authentication | Exists | Exists
Encryption | Exists | None
The size of bundle | Same | Reduced
Key exchange mechanism | None | Exists

6. Conclusion

In this paper, we proposed a service bundle authentication mechanism for the OSGi service platform. To authenticate a service bundle, it is necessary to have a mutual authentication between the service gateway and the operator. A shared secret is then created through the mutual authentication. To generate the shared secret, which is necessary to create a MAC, we proposed and implemented a public-key and a symmetric-key exchange mechanism in the bootstrapping step. Encryption and decryption are fast and the speed of transmission is fast because the key is small in the key exchange mechanism when using a symmetric key.

In the MAC-based service bundle authentication mechanism, the MAC is created using the shared secret, which is created in the key exchange mechanism. The PKI-based service bundle authentication mechanism is safe, but it is not appropriate for the OSGi platform, which has restricted resources such as storage space and operations. Also, the RSH protocol bases the encryption and authentication on MACs applied to all data being transported between the operator and the service gateway. To overcome those limitations, in this paper we proposed the MAC-based service bundle mechanism. So we improved the speed of authentication and transmission.

Although we presented a key exchange system for authenticating a service bundle and the service bundle authentication system in this paper, we further need to research and design a key exchange system that works together with encryption of the user's authentication ticket.

References

[1] Marc Branchaud, "A Survey of Public Key Infrastructures", Department of Computer Science, McGill University, Montreal, 1997.
[2] OSGi, "Secure Provisioning Data Transport using Http", RFC36, http://www.osgi.org/, 2002.
[3] William Stallings, "Cryptography and Network Security", Pearson Education, 2002.
[4] John Clark, Jeremy Jacob, "A Survey of Authentication Protocol Literature: Version 1.0", University of York, Department of Computer Science, November 1997.
[5] OSGi, "OSGi Service Gateway Specification - Release 3.0", http://www.osgi.org, 2003.
[6] OSGi, "RFC 18 - Security Architecture Specification", Draft, http://www.osgi.org/member, 2001.
[7] Fielding, R., et al., "Hypertext Transfer Protocol - HTTP/1.1", IETF RFC 2616, June 1999.
[8] H. Krawczyk et al., "HMAC: Keyed-Hashing for Message Authentication", RFC 2104, February 1997.
[9] Sun Microsystems, "The Java Tutorial - Signing JAR Files", http://java.sun.com/docs/books/tutorial/jar/sign/signing.html, 2002.


