Presentation is loading. Please wait.

Presentation is loading. Please wait.

© copyright 2005 by aQute SARL All rights reserved. OSGi Basic Architecture OSGi User Group France 2005-05-27 By Peter Kriens Technical Director OSGi.

Published byAva Castillo Modified over 10 years ago

Similar presentations

Presentation on theme: "© copyright 2005 by aQute SARL All rights reserved. OSGi Basic Architecture OSGi User Group France 2005-05-27 By Peter Kriens Technical Director OSGi."— Presentation transcript:

1

2 © copyright 2005 by aQute SARL All rights reserved. OSGi Basic Architecture OSGi User Group France 2005-05-27 By Peter Kriens Technical Director OSGi OSGi Fellow

3 © copyright 2004 by aQute SARL. All rights reserved. 2 Contents Context OSGi Environment OSGi Service Framework Module Layer Life Cycle Layer Service Layer Security Layer Conclusion

4 © copyright 2004 by aQute SARL. All rights reserved. 3 Where OSGi is Used Mobile Internet Desktop Servers Industrial Automation Home Automation Communications Smart Phones Vehicle Telematics

5 © copyright 2004 by aQute SARL. All rights reserved. 4 OSGi Environment Hardware Bundle Operating System OSGi Java VM Bundle (Application) Driver = service interface exported and imported by bundles

6 © copyright 2004 by aQute SARL. All rights reserved. 5 Framework Allows applications to dynamically share a single Java VM Manages applications –Separates Applications from each other –Service registry for collaboration of applications –Extensive notification mechanism to handle the dynamics –Security Policy free –Policies are provided by bundles Closure

7 © copyright 2004 by aQute SARL. All rights reserved. 6 Layering Module Life Cycle Services Security Execution Environment Applications

8 © copyright 2004 by aQute SARL. All rights reserved. 7 Execution Environment OSGi APIs only use a subset of J2SE and J2ME CDC –OSGi Minimum EE Matches most profiles Implementations can use more than the OSGi Minimum EE Security is not mandatory CLDC is possible if class loaders are added in a device specific way CLDC/ MIDP J2SE CDC/FP OSGi Min.

9 © copyright 2004 by aQute SARL. All rights reserved. 8 Module Layer Packaging of applications and libraries in Bundles –Raw Java has significant deployment issues Class Loading modularization –Raw Java provides the Class Path as an ordered search list, which makes it hard to control multiple applications Protection –Raw Java can not protect certain packages and classes Versioning –Raw Java can not handle multiple versions of the same package bundle

10 © copyright 2004 by aQute SARL. All rights reserved. 9 p s r u q r v w Module Layer Module Layer manages the class loading for bundles Exported Packages –Available for sharing with other bundles Imported Packages –Imported from other bundles Uses constraints are solved Private Packages –Embedded in the JAR file –Bundle Class Path –Provides extra protection Extensive possibilities to influence the resolve process Simple to use in the simple case p q t

11 © copyright 2004 by aQute SARL. All rights reserved. 10 p-1.0 q-1.0 t u Module Layer Model allows for binding to multiple versions of the same package –MIDP-1.0 packages versus MIDP-2.0 packages Scopes services so bundles can only see services they can work with p-1.0.1 q-1.0 p-2.0 q-2.1 t u p-2.2 q-2.1

12 © copyright 2004 by aQute SARL. All rights reserved. 11 Module Layer Fragments provide resources that are searched after private packages –Localization –Native code Supports split packages Can be dynamically attached Requiring Bundles –Treat a required exports as imports Simpler to use albeit more brittle p q v v w v w w Fragments t u p-1.0.1 q-1.0 p-1.0.1 q-1.0 Require Bundle

13 © copyright 2004 by aQute SARL. All rights reserved. 12 Benefits Module Layer Provides modularization to Java Minimizes deployment problems –It handles the versioning problem Improves reliability of deployed systems –The specification makes the class loading deterministic Better security –Private packages add extra protection Simplified development –The developer has more mechanisms to solve his deployment problems

14 © copyright 2004 by aQute SARL. All rights reserved. 13 Life Cycle Layer Java is biased to a start/stop application model –Not a component model –Difficult to build larger applications out of smaller applications Popular Application models do not include the management API –All Application Management is proprietary –No market for standard JAMs Powerless Applications –No API to allow third party code to manage some applications on the device –Enterprise model

15 © copyright 2004 by aQute SARL. All rights reserved. 14 Bundle X Life Cycle Layer System Bundle represents the OSGi Framework Management Bundle Provides an API for managing bundles –Install –Resolve –Start –Stop –Refresh –Update –Uninstall Based on the module layer Bundle B bundle M Bundle A System bundle InstallStartResolve

16 © copyright 2004 by aQute SARL. All rights reserved. 15 Bundle X Life Cycle Layer System Bundle represents the OSGi Framework Management Bundle Provides an API for managing bundles –Install –Resolve –Start –Stop –Refresh –Update –Uninstall Based on the module layer Bundle B bundle M Bundle A System bundle Bundle X-2 UpdateUninstall

17 © copyright 2004 by aQute SARL. All rights reserved. 16 Life Cycle Layer Bundle is started by the Bundle Activator class Header in Manifest refers to this class Interface has 2 methods –Start: Initialize and return immediate –Stop: Cleanup The Activator gets a Bundle Context that provides access to the Framework functions Framework provides Start Level service to control the start/stop of groups of applications INSTALLED RESOLVED UNINSTALLED ACTIVE STOPPING STARTING start stop

18 © copyright 2004 by aQute SARL. All rights reserved. 17 Life Cycle Layer HelloWorld.java: package org.osgi.nursery.hello; import org.osgi.framework.*; public class HelloWorld implements BundleActivator { public void start( BundleContext context ) throws Exception{ System.out.println( "Hello Paris!" ); } public void stop( BundleContext context ) throws Exception { System.out.println( Au Revoir!" ); } } Manifest: Manifest-Version: 1.0 Bundle-Activator: org.osgi.nursery.hello.HelloWorld

19 © copyright 2004 by aQute SARL. All rights reserved. 18 Life Cycle Layer Extensive Event model All Events are sent out from the System Bundle In R4, Augmented with Event Manager Framework Events –STARTED –PACKAGES_REFRESHED –START_LEVEL_CHANGED –INFO –WARNING –ERROR Bundle B bundle M System bundle event sent to listener command

20 © copyright 2004 by aQute SARL. All rights reserved. 19 Life Cycle Layer Provides management APIs Package Admin service –Introspection and refreshing of the package sharing constructs Permission Admin service –Introspection for the bundle permissions –Dynamically change permissions Conditional Permission Admin Service Start Level Admin service –Group bundles and start/stop the as a group Provides programmatic access to resources of other bundles

21 © copyright 2004 by aQute SARL. All rights reserved. 20 Life Cycle Layer Benefits API to manage bundles –Java Application Managers can become third party products –Implementations of standards are usually more robust than proprietary implementations Secure Delegation model –Opens new business models –Allow Enterprises to manage their own bundles Easier to debug, diagnose –Improves customer relations

22 © copyright 2004 by aQute SARL. All rights reserved. 21 Service Layer OSGi is more than an Applet, MIDlet, Xlet runner Bundles can collaborate through: service objects A dynamic service registry allows a bundle to find and track service objects Framework fully manages this collaboration –Dependencies –Security Bundle JAVA Operating System Hardware OSGi Framework Service registry packages

23 © copyright 2004 by aQute SARL. All rights reserved. 22 Collaborative model JAVA Operating System Hardware Java Application Manager Service registry packages Midlet, Xlet, or Applet Midlet, Xlet, or Applet No native code No package management (versions!) No collaboration No management bundles

24 © copyright 2004 by aQute SARL. All rights reserved. 23 Service Specifics A service is an object registered with the Framework by a bundle to be used by other bundles Services can be: –Registered with properties –Properties can be modified –Unregistered Fully Evented Elegant model for optional services service Bundle B Bundle A Bundle C registerget listen

25 © copyright 2004 by aQute SARL. All rights reserved. 24 Service Layer A bundle can search for a service that implements a specific interface The interface defines the semantics of the service Other bundles can provide services The implementations can differ widely The client and the server are not coupled to each other –Only to the service definition public interface Log { public void log(String s); } public class SimpleLog implements Log { public void log(String s) { System.out.println( s ); } } Bundle A Bundle Simple Bundle Motorola Bundle IBM Log

26 © copyright 2004 by aQute SARL. All rights reserved. 25 Service Layer The Framework manages the dependencies between bundles Bundles that are installed and started will register services Framework will automatically unregister services when a bundle stops Event notifications for all important events –Synchronous –REGISTERED –MODIFIED –UNREGISTERING

27 © copyright 2004 by aQute SARL. All rights reserved. 26 Service Layer Component Model –Easier to construct customized applications –Breaks the device configuration management problem Adaptive –Allows components to detect the environment and adapt their behavior Well Defined Communication Points –More robust –Easier to debug, diagnose and help users Support to handle the dynamics –Service Tracker –Service Component Runtime Security –Allow multiple components from different parties on the device

28 © copyright 2004 by aQute SARL. All rights reserved. 27 Security Layer Security Architecture based on 4 roles –Operator –Deployer –End User –Developer The OSGi Framework provides a (optional) comprehensive security model Based on Java 2 Permissions Signing or location based authentication Bundle B Bundle A Bundle D Bundle E Bundle F end user DeployerOperator Framework Device developer

29 © copyright 2004 by aQute SARL. All rights reserved. 28 Security Layer Provide a flexible policy management for a delegated management model An Operator must be able to sell a device to an Enterprise and be assured the enterprise can not do anything the Operator does not want The Enterprise administrator must be able to give the device to a person and restrict the possibilities further Bundles must be restricted to only the permissions they need Operator Enterprise Sales Management domain Bundle

30 © copyright 2004 by aQute SARL. All rights reserved. 29 Security Layer Signing based on Public Key Cryptography –Operator signs signing certificate of Deployer Developer adds a local permissions file to the bundle –Easy to read The local permissions are audited by the Deployer Deployer signs the bundle The bundle gets deployed on a Service Platform The permissions of the bundle are the intersection of: –Local permissions –System permissions for that signer Operator remains in full control at all times Bundle A controls local permissions signature OSGi Service Platform system permissions S Enterprise Developer Operator

31 © copyright 2004 by aQute SARL. All rights reserved. 30 Security Layer Permissions can be assigned based on: –Signer –Location (Channel) –Custom Condition Multiple signers are possible –Bundle gets union of signer permissions No partial signing, all signers must sign all content Flexible management API for permissions Dynamic –changes take effect immediately Compatible with standard Java 2 VMs –Take advantage of optimizations OSGi Service Platform system permissions & local permissions Bundle A Location, signer, custom

32 © copyright 2004 by aQute SARL. All rights reserved. 31 Security Layer Signer requires coarse grained to be feasible Bundle can use very fine grained Standard Permissions –FilePermission –RuntimePermission –SocketPermission –… Framework permissions –AdminPermission –ServicePermission –PackagePermission –BundlePermission Service Permissions –ConfigurationPermission –EventPermission –ApplicationPermission Fine grained local permissions Coarse grained system permissions

33 © copyright 2004 by aQute SARL. All rights reserved. 32 Security Layer Benefits Possibility to run not fully trusted code on a device Deployer can mitigate its risk when signing a bundle –Local Permissions Delegated responsibility –Less frustration at Users and Deployers because they are more independent –Less staff required at Operator Operator always maintains fully in control –A change of mind is instantaneous

34 © copyright 2004 by aQute SARL. All rights reserved. 33 OSGi Service Platform Benefits Robust Platform for networked services deployment –Well defined class loading behavior –Security Flexible Management Architecture –API Standardized Execution Environment Small footprint

35 © copyright 2004 by aQute SARL. All rights reserved. 34

36 © copyright 2005 by aQute SARL All rights reserved. OSGi Mobile Platform Release 1 Peter Kriens CEO aQute & Technical Director OSGi OSGi Fellow

37 © copyright 2004 by aQute SARL. All rights reserved. 36 Contents Context Diagram OSGi Mobile Architecture OSGi Core Device Management Deployment Application Model Service Component Runtime Event Admin Conditional Permissions Configuration Admin Conclusion

38 © copyright 2004 by aQute SARL. All rights reserved. 37 Context Diagram End User DeployerOperator OSGi Environment Device Developer

39 © copyright 2004 by aQute SARL. All rights reserved. 38 OSGi Mobile Architecture OSGi Mobile Device Management Deployment Application Model Service Component Runtime OSGi Core Specification Event Admin BREW Symbian MIDP … OMA DM …

40 © copyright 2004 by aQute SARL. All rights reserved. 39 Core OSGi Layering Execution Environment –All APIs are compatible with CDC and J2SE –CLDC possible with VM specific extensions Module layer introduces Bundles –Class loading rules –Modularization Life Cycle Layer provides an API for managing bundles Services Layer provides a dynamic component model with communication ports called services Security layer provides a comprehensive permission model with dynamic management Module Life Cycle Services Security Execution Environment Applications Bundle E Bundle F getregister service

41 © copyright 2004 by aQute SARL. All rights reserved. 40 Dmt Admin Based on a tree model –A Node maps to specific device aspect, e.g. current start level Nodes on the tree are implemented by plugins –Plugins are services Meta Model extended Transactional –Session based Good interface to native device –From native to Java –From Java to native Alerts Security –Java 2 Permission model (also remote managers) –ACLs Dmt Admin Deploy Admin DmtExecPlugin DmtDataPlugin Config Admin Monitor Native State DmtAdmin … …. Appl. Manager Event Admin

42 © copyright 2004 by aQute SARL. All rights reserved. 41 Dmt Monitoring Monitorable services –Any Monitorable service can provide multiple Status Variables Status Variables available through the DMT Monitoring jobs can be scheduled –Report a set of Status Variables to the management System Monitor Monitorable MonitorAdmin Appl DmtDataPlugin EventAdmin

43 © copyright 2004 by aQute SARL. All rights reserved. 42 Deployment Deployment Admin provides the possibility to install and update Deployment Packages Deployment Packages are –A set of bundles with associated Resource Processor –Transactional –No sharing with other Deployment Packages Resource Processors provide the semantics for the bitsof the resources in the JAR file –Process (install) –Drop (uninstall) Security based on the permissions associated with the signer of the Deployment Package Depl. Admin Resource Processor DeploymentAdmin Rrsrc. Proc. DmtDataPlugin EventAdmin Autoconf

44 © copyright 2004 by aQute SARL. All rights reserved. 43 Deployment Deployment Package –Based on JAR Format Manifest describes the resources and associates them with a Resource Processor Fix Packages –Provide only updated contents manifest.mf signer.sf signer.rsa bundle-A.jar bundle-B.jar autoconf.xml certificates.cer Global section Name: bundle-A.jar SHA1-Digest: RTasy&yasi987iasj= Bundle-SymbolicName: com.acme.a Bundle-Version: 2.1 Name: certificates.cr SHA1-Digest: lkMjUasm87asj&jasloe DP-ResourceProcessor: com.acme.c509 Certificate Processor Resource Processor

45 © copyright 2004 by aQute SARL. All rights reserved. 44 Deployment Customizers A Deployment Package can contain its own Resource Processor bundle This customizer is installed and started before other bundles in the Deployment Package It registers a Resource Processor service The Deployment Admin will only allow only contents from the correct DP to be processed by the customizer The customizer gets access to the private data area of its related bundles DP Customizer Depl. Admin bundle A

46 © copyright 2004 by aQute SARL. All rights reserved. 45 Application Model A generic model that is intended to abstract different application models so they can be treated as one –Screen Manager Provides access to icons and descriptive localized information for each application Can monitor the state of running instances Applications can be scheduled for later execution when a specific event arrives Application Descriptor and Application Handle services are provided as vendor specific base classes Interacts with JSR 211 Application Descriptor Native Container MIDP Container Application Handle Screen manager

47 © copyright 2004 by aQute SARL. All rights reserved. 46 Declarative Services Classic OSGi model based on startup initialization –Startup time –Many services not needed until much later, if ever Lazy Initialization is much better The service model provides hooks so that a bundle is not initialized until it is needed Bundles declare their requirements and capabilities declaratively in a bundle resource The Service Component Runtime –Tracks bundles –Calculate dependencies –Initialize a declarative service when it is needed Bundles that are not activated do not consume resources in the system SCR bundle A bundle B component.xml

48 © copyright 2004 by aQute SARL. All rights reserved. 47 Event Manager Service The Event Manager is a simple publish and subscribe model Events have –A Topic string –Properties Events are posted through the Event Admin service, either synchronous or asynchronous Clients can register an Event Listener and receive events –Can use a filter for further selection Event delivery is protected by an Topic Permission Event Manager Event Manager Event Listener

49 © copyright 2004 by aQute SARL. All rights reserved. 48 Configuration Admin Property based configuration storage for bundles Bundles register a Managed Service (Factory) to receive their configuration and updates –Dynamic! Managed Services –Provide a single set of properties Managed Service Factories –Provide creation and deletion of any number of sets of properties Supports filter based searches Managed Service Factory bundle B bundle A Config Admin Managed Service Configuration Admin Configuration DB

50 © copyright 2004 by aQute SARL. All rights reserved. 49 Conclusion The OSGi Mobile Architecture provides an excellent environment for system, firmware, middleware and application software The component architecture solves many of the complex customization issues that are part of massive market devices like mobile phones and telematic units. The security model is the most fine grained model available –And in this model it actually can be used

51 © copyright 2004 by aQute SARL. All rights reserved. 50 For More Information www.osgi.org www.aQute.biz Peter Kriens 9c, Avenue St. Drézéry 34160 Beaulieu FRANCE Mobile +33633746480, Tel +33467542167 Tel +15123514821 AOL,Yahoo, Skype pkriens, ICQ 255570717

Download ppt "© copyright 2005 by aQute SARL All rights reserved. OSGi Basic Architecture OSGi User Group France 2005-05-27 By Peter Kriens Technical Director OSGi."

Similar presentations

Symantec 2010 Windows 7 Migration EMEA Results. Methodology Applied Research performed survey 1,360 enterprises worldwide SMBs and enterprises Cross-industry.

Symantec 2010 Windows 7 Migration EMEA Results. Methodology Applied Research performed survey 1,360 enterprises worldwide SMBs and enterprises Cross-industry.
Symantec 2010 Windows 7 Migration Global Results.

Symantec 2010 Windows 7 Migration Global Results.
1

1
Distributed Systems Architectures

Distributed Systems Architectures
Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.

Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.
IS301 – Software Engineering V:

IS301 – Software Engineering V:
1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 4 Computing Platforms.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 4 Computing Platforms.
Processes and Operating Systems

Processes and Operating Systems
1 Hyades Command Routing Message flow and data translation.

1 Hyades Command Routing Message flow and data translation.
David Burdett May 11, 2004 Package Binding for WS CDL.

David Burdett May 11, 2004 Package Binding for WS CDL.
1 Introducing the Specifications of the Metro Ethernet Forum MEF 19 Abstract Test Suite for UNI Type 1 February 2008.

1 Introducing the Specifications of the Metro Ethernet Forum MEF 19 Abstract Test Suite for UNI Type 1 February 2008.
When Applications can Roam Freely OSGi Service Platform R4 Peter Kriens Technical Director OSGi

When Applications can Roam Freely OSGi Service Platform R4 Peter Kriens Technical Director OSGi
A Media Subscription Service By Peter Kriens CEO aQute OSGi Technology Officer www.aQute.se.

A Media Subscription Service By Peter Kriens CEO aQute OSGi Technology Officer
©2003 aQute, All Rights Reserved Tokyo, August 2003 : 1 OSGi Service Platform Tokyo August 28, 2003 Peter Kriens CEO aQute, OSGi Fellow www.aQute.biz.

©2003 aQute, All Rights Reserved Tokyo, August 2003 : 1 OSGi Service Platform Tokyo August 28, 2003 Peter Kriens CEO aQute, OSGi Fellow
©1999-2002 OSGi, All Rights Reserved - Brussel Jan 22 Ertico/OSGi Tech Spec Overview: Introduction OSGi R3 and Remote Management Ertico/OSGi meeting Jan.

© OSGi, All Rights Reserved - Brussel Jan 22 Ertico/OSGi Tech Spec Overview: Introduction OSGi R3 and Remote Management Ertico/OSGi meeting Jan.
Starting With The OSGi Specifications By Peter Kriens, CEO aQute OSGi Fellow www.aQute.se.

Starting With The OSGi Specifications By Peter Kriens, CEO aQute OSGi Fellow
AQute R4 By Peter Kriens CEO aQute OSGi Technology Officer and OSGi Fellow.

AQute R4 By Peter Kriens CEO aQute OSGi Technology Officer and OSGi Fellow.
AQute Bundle Programming By Peter Kriens CEO aQute OSGi Technology Officer and OSGi Fellow.

AQute Bundle Programming By Peter Kriens CEO aQute OSGi Technology Officer and OSGi Fellow.
AQute R4 MEG By Peter Kriens CEO aQute OSGi Technology Officer and OSGi Fellow.

AQute R4 MEG By Peter Kriens CEO aQute OSGi Technology Officer and OSGi Fellow.
aQute Bundle Programming By Peter Kriens CEO aQute OSGi Director of Technology & OSGi Fellow.

aQute Bundle Programming By Peter Kriens CEO aQute OSGi Director of Technology & OSGi Fellow.

Similar presentations

Ads by Google