I-JVM: a Java Virtual Machine for Component Isolation in OSGi

Nicolas Geoffray 1 Gaël Thomas 1 Gilles Muller 1 Pierre Parrend 2 Stéphane Frénot 2 Bertil Folliot 1
1 Regal - Large-Scale Distributed Systems and Applications
LIP6 - Laboratoire d'Informatique de Paris 6, Inria Paris-Rocquencourt
2 AMAZONES - Ambient Middleware Architectures: Service-Oriented, Networked, Efficient and Secured
Inria Grenoble - Rhône-Alpes, CITI - CITI Centre of Innovation in Telecommunications and Integration of services
Abstract : The OSGi framework is a Java-based, centralized, component oriented platform. It is being widely adopted as an execution environment for the development of extensible applications. However, current Java Virtual Machines are unable to isolate components from each other. For instance, a malicious component can freeze the complete platform by allocating too much memory or alter the behavior of other components by modifying shared variables. This paper presents I-JVM, a Java Virtual Machine that provides a lightweight approach to isolation while preserving compatibility with legacy OSGi applications. Our evaluation of I-JVM shows that it solves the 8 known OSGi vulnerabilities that are due to the Java Virtual Machine and that the overhead of I-JVM compared to the JVM on which it is based is below 20%.
Type de document :
Communication dans un congrès
39th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'2009), Jun 2009, Estoril, Portugal. IEEE, pp.544-553, 2009, 〈10.1109/DSN.2009.5270296〉
Liste complète des métadonnées

https://hal.inria.fr/inria-00415813
Contributeur : Stéphane Frénot <>
Soumis le : vendredi 11 septembre 2009 - 10:00:26
Dernière modification le : vendredi 31 août 2018 - 09:25:53

Lien texte intégral

Identifiants

Collections

Citation

Nicolas Geoffray, Gaël Thomas, Gilles Muller, Pierre Parrend, Stéphane Frénot, et al.. I-JVM: a Java Virtual Machine for Component Isolation in OSGi. 39th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'2009), Jun 2009, Estoril, Portugal. IEEE, pp.544-553, 2009, 〈10.1109/DSN.2009.5270296〉. 〈inria-00415813〉

Partager

Métriques

Consultations de la notice

5571