New security problems raised by open multiapplication smart cards
نویسندگان
چکیده
Till recently it was impossible to have more than one single application running on a smart card. Multiapplication cards, and especially Java Cards, now make it possible to have several applications sharing the same physical piece of plastic. This raises new security problems by creating additional ways to attack a card. These problems are the topic of this paper. The attacks will be described for multiapplication cards in general and illustrated by means of code samples for Java Cards.
منابع مشابه
Java Card or How to Cope with the New Security Issues Raised by Open Cards?
In this paper, we aim to discuss various threats raised by Java Cards at various levels of the system. First, we address the Java Card platform security itself, from the chip security features to the Java Card virtual machine. Next, we expose how to deal with application security which is a standard problem for smart card manufacturers but a quite new one for third party Java developers beginni...
متن کاملElectronic Purse Applet Certification ? ( Extended
The paper describes the status of a joint project between Gemplus and ONERA. Gemplus developed an electronic purse running on Java enabled smart cards. The project goal is to verify security properties that should be enforced by the applets involved in this application. A security policy has been defined that associates levels to applet attributes and methods and defines authorized flows betwee...
متن کاملElectronic Purse Applet Certiication: Extended Abstract
The paper describes the status of a joint project between Gemplus and ONERA. Gemplus developed an electronic purse running on Java enabled smart cards. The project goal is to verify security properties that should be enforced by the applets involved in this application. A security policy has been de ned that associates levels to applet attributes and methods and de nes authorized ows between le...
متن کاملAn Efficient and Simple Way to Test the Security of Java CardsTM
Till recently it was impossible to have more than one single application running on a smart card. Multiapplication cards, and especially Java Cards, now make it possible to have several applications sharing the same physical piece of plastic. Today, these cards accept to load code only after an authentication. But in the future, the cards will be open an everybody should be authorized to upload...
متن کاملOn Practical Information Flow Policies for Java-Enabled Multiapplication Smart Cards
In the multiapplicative context of smart cards, a strict control of underlying information flow between applications is highly desired. In this paper we propose a model to improve information flow usability in such systems by limiting the overhead for adding information flow security to a Java Virtual Machine. We define a domain specific language for defining security policies describing the al...
متن کامل