Extended Authorization Mechanism in OSGi

Abstract

As ubiquitous computing technology evolves, open API that is a solution to interconnect heterogeneous devices and services in a more fluid manner has emerged. Among open API solutions, OSGi is a Java-based service platform that is widely used in the service gateway of home network. In home network environments, the user authentication and authorization associated user's information and usability may be important security issue. Although the current OSGi support RBAC-based authori-zation, it does not support various facilities in the RBAC model. The access control mechanisms for OSGi proposed so far focus on supporting the RBAC conventions with the basic form of role-user-permission mappings. However, these are difficult to sup-port efficient access control. We propose the extended access control mechanism that includes the concepts of relative role and delegate class. We explain the proposed access control mechan-ism with an example of developing a simple set-top box control service.