Identity-Based Cryptosystems for Enhanced Deployment of OSGi Bundles

The International Conference on Emerging Security Information, Systems, and Technologies (SECUREWARE 2007) Pub Date : 2007-10-14 DOI:10.1109/SECUREWARE.2007.4385333

P. Parrend, S. Galice, S. Frénot, S. Ubéda

{"title":"Identity-Based Cryptosystems for Enhanced Deployment of OSGi Bundles","authors":"P. Parrend, S. Galice, S. Frénot, S. Ubéda","doi":"10.1109/SECUREWARE.2007.4385333","DOIUrl":null,"url":null,"abstract":"The OSGi platform is designed to make Java software extensible at runtime. This undeniably presents a great interest in several domains like embedded platforms or enterprise application servers. However, securing the deployment of the OSGi components, or bundles, proves to be a major challenge. The current approach consists in digitally signing the bundles and certifying the signature through a public key infrastructure (PKI). We propose to replace this technology with an identity-based cryptosystem, which provides both better performances and simplified key management. We present an infrastructure for initialization and use of identity-based cryptography, and define the digital signature of bundles using such a cryptographic scheme. Based on our implementation, we provide a comparison between classical PKI management and identity-based PKI management. The proposed approach proves to support radical improvement in the key management process, especially in strongly asymmetric system such as OSGi-based home gateway, where a few providers publish services for millions of potential users.","PeriodicalId":257937,"journal":{"name":"The International Conference on Emerging Security Information, Systems, and Technologies (SECUREWARE 2007)","volume":"48 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"The International Conference on Emerging Security Information, Systems, and Technologies (SECUREWARE 2007)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECUREWARE.2007.4385333","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

The OSGi platform is designed to make Java software extensible at runtime. This undeniably presents a great interest in several domains like embedded platforms or enterprise application servers. However, securing the deployment of the OSGi components, or bundles, proves to be a major challenge. The current approach consists in digitally signing the bundles and certifying the signature through a public key infrastructure (PKI). We propose to replace this technology with an identity-based cryptosystem, which provides both better performances and simplified key management. We present an infrastructure for initialization and use of identity-based cryptography, and define the digital signature of bundles using such a cryptographic scheme. Based on our implementation, we provide a comparison between classical PKI management and identity-based PKI management. The proposed approach proves to support radical improvement in the key management process, especially in strongly asymmetric system such as OSGi-based home gateway, where a few providers publish services for millions of potential users.

查看原文本刊更多论文

用于增强OSGi包部署的基于身份的密码系统

OSGi平台旨在使Java软件在运行时可扩展。不可否认，这在嵌入式平台或企业应用服务器等领域引起了极大的兴趣。然而，确保OSGi组件或包的部署是一个主要的挑战。当前的方法包括对包进行数字签名，并通过公钥基础设施(PKI)对签名进行认证。我们建议用一种基于身份的密码系统来取代这种技术，它提供了更好的性能和简化的密钥管理。我们提出了一种初始化和使用基于身份的加密的基础结构，并使用这种加密方案定义了包的数字签名。在此基础上，对经典PKI管理和基于身份的PKI管理进行了比较。所提出的方法被证明支持从根本上改进密钥管理过程，特别是在强非对称系统中，例如基于osgi的家庭网关，其中少数提供者为数百万潜在用户发布服务。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

The International Conference on Emerging Security Information, Systems, and Technologies (SECUREWARE 2007)

自引率

0.00%

发文量