
2 MEG & VEG Architecture Peter Kriens, CEO, aQute

3 Contents
Why a Mobile Specification?
Overall Architecture
Profile
Deployment
Device Management
Application Model
Foreign Applications
Relation to JCP
Road Ahead

4 Why a Mobile Specification?
MIDP is very successful for mobile devices
  – Over 200 million devices sold
  – Multi billion dollar market
  – Highly Profitable
So who needs an OSGi handy?

5 Why a Mobile Specification?
Mobile Devices are becoming very powerful
  – 200 MHz+ Processors
  – Flash has become very cheap
      End user street prices: 1 Gb $68, 128 Mb $13
  – Displays become bigger and more useful
  – Networked
      Wifi, GPRS, 3GT, UMTS
Are games the market for such powerful devices?

6 Why a Mobile Specification?
The next generation of mobile devices brings Enterprise Applications into range
  – Sales Support, Expert Systems, Administrative, Data Acquisition, …
Enterprise Applications
  – Are exponentially more complex than games
  – Require high security for all facets
  – Require collaboration between different applications
  – Will connect to a myriad of devices
  – Require lots of middleware
Is MIDP up to this?

7 Why a Mobile Specification?
Additionally there is a silent software crisis at device manufacturers
Operators require their devices to be heavily customized
Managing all these configurations is a tremendous task that negatively influences:
  – Product development cost
  – Technical support
  – Developing new features
Is MIDP really the solution here?

8 Don't think so …

9 Overall Architecture
What are the required features for a Mobile Software Platform?
Very High Security
  – Protects against viruses
  – Allows mixing and matching applications from different sources
Strong modularity support
  – Applications from different sources can coexist
  – Share libraries in a controlled way

10 Why a Mobile Specification?
Collaboration Model
  – Smaller components: easier to develop
  – Mix and match: more flexible procurement
  – Plugin model widens the scope of devices
Remote Management
  – Maintain quality of service
  – After sales applications
  – Low maintenance cost
Management by Enterprises
  – Allow Enterprise to manage part of the device

11 Overall Architecture
[Diagram labels: Operator, Enterprise, Devices, Developers]

12 OSGi Service Platform Mobile Architecture Overview
[Diagram labels: Log, Deployment, EventAdmin, Appl Container, DmtAdmin, Config Admin, Application Admin, Download Agent, Monitor Admin, Services, management server, Cond. Perm Admin, Foreign Applications, Start Level, Package Admin]

13 What Was Missing In OSGi R3
End-to-end Deployment
Device Management
Device Monitoring
Application Model
Foreign Application support
Security Policy Model based on mobile conditions
  – Subscriber (IMSI)
  – Device Type (IMEI)

14 Security
Java 2 Permissions
Per Bundle Permissions
Each Bundle carries its own permissions
This set of permissions can never be exceeded
Bundle Signing is completely specified
Authentication of bundles
Permission Management via:
  – Signers
  – Location of origin
  – Custom condition
R4 Core Security is equipped to handle MEG Requirements

15 Security
Provide a flexible policy management for a delegated management model
An Operator must be able to sell a device to an Enterprise and be assured the enterprise can not do anything the Operator does not want
The Enterprise administrator must be able to give the device to a person and restrict the possibilities further
Bundles must be restricted to only the permissions they need
[Diagram labels: Operator, Enterprise, Sales, Management domain, Bundle]

16 Security Layer
Signing based on Public Key Cryptography
  – Operator signs signing certificate of Deployer
Developer adds a local permissions file to the bundle
  – Easy to read
The local permissions are audited by the Deployer
Deployer signs the bundle
The bundle gets deployed on a Service Platform
The permissions of the bundle are the intersection of:
  – Local permissions
  – System permissions for that signer
Operator remains in full control at all times
[Diagram labels: Bundle A, controls, local permissions, signature, OSGi Service Platform, system permissions, Enterprise, Developer, Operator]

17 Security Layer
Permissions can be assigned based on:
  – Signer
  – Location (Channel)
  – Custom Condition
Multiple signers are possible
  – Bundle gets union of signer permissions
No partial signing, all signers must sign all content
Flexible management API for permissions
Dynamic
  – changes take effect immediately
Compatible with standard Java 2 VMs
  – Take advantage of optimizations
[Diagram labels: OSGi Service Platform, system permissions & local permissions, Bundle A, Location, signer, custom]

18 Security Layer
Signer requires coarse grained to be feasible
Bundle can use very fine grained
Standard Permissions
  – FilePermission
  – RuntimePermission
  – SocketPermission
  – …
Framework permissions
  – AdminPermission
  – ServicePermission
  – PackagePermission
  – BundlePermission
Service Permissions
  – ConfigurationPermission
  – EventPermission
  – ApplicationPermission
[Diagram labels: Fine grained local permissions, Coarse grained system permissions]
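
The rule from slides 16 to 18 (effective permissions are the bundle's local permissions intersected with the union of its signers' system permissions), as an added example that is not part of the original presentation and not the OSGi permission management API. It is a simplified model built on the standard `java.security` classes; the signer names, paths and policy are constructed for illustration.

```java
import java.io.FilePermission;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.util.List;
import java.util.Map;

// Simplified model (assumption): not the OSGi permission management API.
public class EffectivePermissions {

    static PermissionCollection of(Permission... perms) {
        Permissions pc = new Permissions();
        for (Permission p : perms) pc.add(p);
        return pc;
    }

    // Constructed policy: coarse-grained system permissions, keyed by signer.
    static final Map<String, PermissionCollection> SYSTEM = Map.of(
        "operator", of(new FilePermission("<<ALL FILES>>", "read,write")),
        "enterprise", of(new FilePermission("/data/-", "read")));

    // Granted only if the local permissions imply the request AND the
    // system permissions of at least one signer (their union) imply it.
    static boolean allowed(PermissionCollection local, List<String> signers, Permission wanted) {
        if (!local.implies(wanted)) return false;   // the local set is never exceeded
        for (String signer : signers) {
            PermissionCollection sys = SYSTEM.get(signer);
            if (sys != null && sys.implies(wanted)) return true;
        }
        return false;                               // unknown signer, or not granted to any signer
    }

    public static void main(String[] args) {
        // Fine-grained local permissions shipped inside the bundle (constructed).
        PermissionCollection local = of(new FilePermission("/data/acme/-", "read,write"));
        Permission readDb = new FilePermission("/data/acme/orders.db", "read");
        Permission writeDb = new FilePermission("/data/acme/orders.db", "write");
        Permission readHosts = new FilePermission("/etc/hosts", "read");

        List<String> one = List.of("enterprise");
        List<String> two = List.of("enterprise", "operator");

        System.out.println("enterprise only, read db:     " + allowed(local, one, readDb));
        System.out.println("enterprise only, write db:    " + allowed(local, one, writeDb));
        System.out.println("both signers, write db:       " + allowed(local, two, writeDb));
        System.out.println("both signers, read /etc/hosts: " + allowed(local, two, readHosts));
        System.out.println("unknown signer, read db:      " + allowed(local, List.of("unknown"), readDb));
    }
}
```

Adding the operator as a second signer widens what the system side grants, but the request for `/etc/hosts` is still refused because the bundle's own local permissions never asked for it.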

19 Deployment Admin
Deployment Admin
  – Adds new deployment artifact: Deployment Package (DP)
  – Groups bundles, resources and other artifacts
Flexible Deployment format for
  – Bundles
  – Meglets
  – Configuration data
  – Custom types with Resource Processors
Signed
  – Tamper proof
  – Security

20 Deployment Admin
Run custom code at installation, update, and uninstallation
  – Database conversion
  – Installation scripts
Fix Packs, a delta format
  – Reduce download time
Deployment Packages are first class citizens
Extensive information is available to troubleshoot

21 Deployment Admin Service
Deployment Admin provides the possibility to install and update Deployment Packages
Deployment Packages are
  – A set of bundles with associated Resource Processor
  – Transactional
  – No sharing with other Deployment Packages
Resource Processors provide the semantics for the bits of the resources in the JAR file
  – Process (install)
  – Drop (uninstall)
Security based on the permissions associated with the signer of the Deployment Package
[Diagram labels: Depl. Admin, Resource Processor, DeploymentAdmin, Rsrc. Proc., DmtDataPlugin, EventAdmin, Autoconf]

22 Deployment Admin Service
Deployment Package
  – Based on JAR Format
Manifest describes the resources and associates them with a Resource Processor
Fix Packages
  – Provide only updated contents
Files in the Deployment Package: manifest.mf, signer.sf, signer.rsa, bundle-A.jar, bundle-B.jar, autoconf.xml, certificates.cer
Manifest contents:
    Global section

    Name: bundle-A.jar
    SHA1-Digest: RTasy&yasi987iasj=
    Bundle-SymbolicName: com.acme.a
    Bundle-Version: 2.1

    Name: certificates.cer
    SHA1-Digest: lkMjUasm87asj&jasloe
    DP-ResourceProcessor: com.acme.c509
[Diagram labels: Certificate Processor, Resource Processor]
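
How the per-resource digests in such a manifest make changed content detectable, as an added example that is not part of the original presentation and not Deployment Admin code. The resource bytes are constructed and the header names are the ones shown on the slide; the check covers only the digest step and assumes the manifest itself has already been authenticated through the signer files.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.Map;
import java.util.TreeSet;
import java.util.jar.Attributes;
import java.util.jar.Manifest;

public class DpManifestCheck {

    static String sha1(byte[] data) throws Exception {
        return Base64.getEncoder().encodeToString(MessageDigest.getInstance("SHA-1").digest(data));
    }

    // Names of resources that are missing, unlisted, or whose digest differs from the manifest.
    static TreeSet<String> mismatches(Manifest mf, Map<String, byte[]> resources) throws Exception {
        TreeSet<String> bad = new TreeSet<>();
        for (Map.Entry<String, Attributes> e : mf.getEntries().entrySet()) {
            byte[] data = resources.get(e.getKey());
            String expected = e.getValue().getValue("SHA1-Digest");
            if (data == null || expected == null || !expected.equals(sha1(data))) bad.add(e.getKey());
        }
        for (String name : resources.keySet()) {
            if (!mf.getEntries().containsKey(name)) bad.add(name);   // content the manifest never listed
        }
        return bad;
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-ins for the real files in the package.
        byte[] bundle = "constructed bundle bytes".getBytes(StandardCharsets.UTF_8);
        byte[] certs = "constructed certificate store".getBytes(StandardCharsets.UTF_8);
        String text = "Manifest-Version: 1.0\n\n"
            + "Name: bundle-A.jar\nSHA1-Digest: " + sha1(bundle) + "\n"
            + "Bundle-SymbolicName: com.acme.a\nBundle-Version: 2.1\n\n"
            + "Name: certificates.cer\nSHA1-Digest: " + sha1(certs) + "\n"
            + "DP-ResourceProcessor: com.acme.c509\n\n";
        Manifest mf = new Manifest(new ByteArrayInputStream(text.getBytes(StandardCharsets.UTF_8)));

        System.out.println("intact:   " + mismatches(mf,
            Map.of("bundle-A.jar", bundle, "certificates.cer", certs)));

        byte[] patched = "constructed bundle bytes, modified".getBytes(StandardCharsets.UTF_8);
        System.out.println("modified: " + mismatches(mf,
            Map.of("bundle-A.jar", patched, "certificates.cer", certs, "extra.bin", new byte[] {1})));

        // The manifest also says which Resource Processor handles a resource.
        System.out.println("processor for certificates.cer: "
            + mf.getAttributes("certificates.cer").getValue("DP-ResourceProcessor"));
    }
}
```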

23 Deployment Admin Service
Customizers
A Deployment Package can contain its own Resource Processor bundle
This customizer is installed and started before other bundles in the Deployment Package
It registers a Resource Processor service
The Deployment Admin will only allow contents from the correct DP to be processed by the customizer
The customizer gets access to the private data area of its related bundles
[Diagram labels: DP, Customizer, Depl. Admin, bundle A]

24 Device Management
The basic OSGi architecture is management protocol agnostic
  – Provides a model where many parties can participate
What is missing is an abstraction to manage a device in detail
The OMA DM protocol is dominant in the mobile device market
  – Will be supported by a wide range of devices
The MEG therefore supports the OMA DM management model with the Dmt Admin Service

25 Dmt Admin
Generic API to manipulate the Device Management Tree
  – Single consistent API for applications to interact with the configuration of the device
Seamless interaction with the management of the native device
  – Tree can be partly implemented in the native device, partly in Java.
[Diagram labels: Device, Battery Level, OSGi, log, query1, query2, cfg, Log, Config Admin, Native code]

26 Dmt Admin
Implementation of the tree nodes can be provided by downloadable services
  – Useful for extensions, accessories, options
Extensive Meta model
  – Provide rich GUIs with very little effort
  – Validation and thus reliability
Transactional
  – Reliability
  – Partly implementation specific
API based on OMA DM
  – Supports other protocols

27 Monitoring
Light weight solution for bundles to provide status variables to the management system
  – Free space, thread usage, database usage
Status Variables are mapped to the DMT
  – Provides unified access by the management system
A schedule can be created to query the variables at a regular interval
  – Debugging
  – Performance tuning
  – Optimizing
[Diagram labels: Monitorable, Monitor Admin, Monitor Admin Data Plugin, Any Bundle, …]

28 Generic Application Model
A generic model that is intended to abstract different application models so they can be treated as one
  – Provides for third party screen managers
Provides for rich GUIs
  – Icons, help, etc.
  – Can monitor the state of running instances
Applications can be scheduled for execution when a specific event arrives
  – Calendar notification
Interacts with JSR 211 Content Handlers
[Diagram labels: Application Model, Symbian, Screen Manager, MIDP 1.0, MIDP 2.0]

29 Foreign Applications
MIDP, BREW, Symbian, DOJO, XLet, Applet, …
An OSGi Mobile Device is required to provide application containers for different application models.
The Application Model manages these applications
Some models use Java
  – Why not provide access to OSGi functionality?
The Foreign Application Model defines how non-OSGi Applications can access and provide services
  – Header usage
  – Access to Framework class
[Diagram labels: MIDP 2.0, org.osgi.application, Framework, MIDP 1.0, XLet]

30 VEG

31 OSGi Vehicle Architecture
The OSGi Vehicle Profile shares its architecture with the Mobile Profile
The Vehicle Profile provides specific vehicle oriented services
The Vehicle Profile uses many more of the Core Compendium Services because it is more mature
It is likely the vertical profiles will come closer in the future

32 Vehicle Profile
Start Level Service
URL Handlers
Package Admin Service
Permission Admin Service
Log Service
Http Service
Device Access
Configuration Admin Service
Metatype(2) Service
Preference Service
User Admin Service
Wire Admin Service
IO Connector Service
Declarative Services
Event Admin Service
Power Management Service
Diagnostic Service
Service Tracker Utility
XML Parser Utility
Position Utility
Measurement and State Utility

33 Power Management
The power management service makes power management pluggable
The system power state can be set externally
  – Full Power
  – PM Active
  – Suspend
  – Sleep
  – Power off
is mapped to different device power state
  – D0-D3 power states
Power manager can take device specific capabilities in consideration
An observer bundle can follow the transitions in the system and device power state
[Diagram labels: Device Power State, Power Manager, System Power State Listener, Observer, Device Power Impl, System Power, Device Power State Listener]

34 And now for something completely different …

35 Relation to JCP
The relation to the JCP is troublesome
Several JSRs overlap with JSR 232
JSR 277 Modularization
  – However, long way off from J2ME
JSR 271 MIDP 3.0
  – Is addressing some of the solutions that MEG provides
JSR 246 OMA DM Access
  – Based on JSR 232 Dmt Admin, but slightly different
  – Needs to be merged
JSR 249/248 MSA CDC/CLDC
  – Must select JSR 232 to make MEG viable
[Diagram labels: JSR 232 OSGi MEG, JSR 277 Modules, JSR 246 OMA DM, JSR 271 MIDP 3.0, JSR 248/249 MSA CDC/CLDC]

36 Conclusion
The Mobile and Vehicle Profiles are taking advantage of the powerful OSGi R4 Service Platform
The Mobile Platform focuses on deployment and device management
  – Applications will be foreign applications
  – Mobile APIs will be derived from JCP JSRs
The Vehicle Platform provides a more extensive application environment
Both platforms share more than they differ
The OSGi Service Platform therefore provides many opportunities for applications that can live in both markets.
