Enforcement of applet boundaries in Java card systems
Abstract
In multi-application Java Cards, an applet's sensitive data must be protected against unauthorized access. Applet isolation is normally achieved through the firewall mechanism. The firewall allows an applet to access external objects only through an object sharing mechanism called the shareable interface. The firewall is based on an access control policy and does not control information propagation. This paper shows how extending the firewall with inspection of the call stack of shareable interface methods helps avoid unwanted information flow that can arise as a result of a method callback from one applet to another. This control detects the illegal information flow in the well-known Electronic Purse case study.
Similar resources
A Hardest Attacker for Leaking References
Java Card is a variant of Java designed for use in smart cards and other systems with limited resources. Applets running on a smart card are protected from each other by the applet firewall, allowing communication only through shared objects. Security can be breached if a reference to a shared object is leaked to a hostile applet. In this paper we develop a Control Flow Analysis for a small lan...
A Type System for Checking Applet Isolation in Java Card
A Java Card applet is, in general, not allowed to access fields and methods of other applets on the same smart card. This applet isolation property is enforced by dynamic checks in the Java Card Virtual Machine. This paper describes a refined type system for Java Card that enables static checking of applet isolation. With this type system, firewall violations are detected at compile time. Only ...
JAIL: Firewall Analysis of Java Card by Abstract Interpretation
We introduce JAIL, a tool for the static analysis and the verification of the applet isolation property of Java Card, where applet isolation means that one applet can not access the fields or objects of an applet in another context unless the other applet explicitly provides an interface for access. The tool statically checks whether the analyzed source code violates this property, thus detecti...
Guaranteeing Correctness Properties of a Java Card Applet
The paper describes an experiment in which a framework for model checking Java byte code, combined with the application of runtime monitoring techniques through code rewriting, was used to guarantee correctness properties of a Java Card applet.
Verification of Java Card Applets
This work covers a methodology to develop a behavioral interface specification based on an informal documentation for a given Java Card applet and to check and to verify the applet w.r.t. this specification. A combination of a static checking tool (ESC/Java) and an interactive program verification tool (JIVE) is used in this task. This work is part of the project VerifiCard which is supported b...
Publication date: 2004