I-JVM: a Java Virtual Machine for Component Isolation in OSGi
Year:
2009
Authors/Eds.:
Nicolas Geoffray, Gael Thomas, Gilles Muller, Pierre Parrend, Stephane Frenot, Bertil Folliot
Type of publication:
proceeding
Source:
39th IEEE/IFIP Conference on Dependable Systems and Networks (DSN), Lisbon, Portugal
Abstract:
The OSGi framework is a Java-based, centralized, component oriented
platform. It is being widely adopted as an execution environment
for the development of extensible applications. However, current
Java Virtual Machines are unable to isolate components from each
others.
For instance, a malicious component can freeze the complete platform
by allocating too much memory or alter the behavior of systems by
modifying shared variables.
This paper presents I-JVM, a Java Virtual Machine that provides a
lightweight approach to isolation while preserving the compatibility
with legacy OSGi applications. Our evaluation of I-JVM shows that it
solves the $8$ known OSGi vulnerabilities due to the Java Virtual
Machine. Finally, the overhead of I-JVM for a representative set of
OSGi applications is below $20\%$.
publication index