A Hardest Attacker for Leaking References

نویسنده

  • René Rydhof Hansen
چکیده

Java Card is a variant of Java designed for use in smart cards and other systems with limited resources. Applets running on a smart card are protected from each other by the applet firewall, allowing communication only through shared objects. Security can be breached if a reference to a shared object is leaked to a hostile applet. In this paper we develop a Control Flow Analysis for a small language based on Java Card, which will guarantee that sensitive object references can not be leaked to a particular (attack) applet. The analysis is used as a basis for formulating a hardest attacker that will expand the guarantee to cover all possible attackers.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Hardest Attackers

Most interesting properties of computer systems are inherently undecidable yet static analysis allows to automatically validate systems against such properties by making sure to always “err on the safe side”. We take this idea one step further by identifying “hardest attackers” in such a way that if the static analysis is able to demonstrate protection against the “hardest attacker” then the sy...

متن کامل

Validating firewalls using flow logics

The ambient calculus is a calculus of computation that allows active processes to communicate and to move between sites. A site is said to be a protective firewall whenever it denies entry to all attackers not possessing the required passwords. We devise a computationally sound test for validating the protectiveness of a proposed firewall and show how to perform the test in polynomial time. The...

متن کامل

Randomness Extraction via δ-Biased Masking in the Presence of a Quantum Attacker

Randomness extraction is of fundamental importance for information-theoretic cryptography. It allows to transform a raw key about which an attacker has some limited knowledge into a fully secure random key, on which the attacker has essentially no information. Up to date, only very few randomness-extraction techniques are known to work against an attacker holding quantum information on the raw ...

متن کامل

Randomness Extraction Via delta -Biased Masking in the Presence of a Quantum Attacker

Randomness extraction is of fundamental importance for information-theoretic cryptography. It allows to transform a raw key about which an attacker has some limited knowledge into a fully secure random key, on which the attacker has essentially no information. Up to date, only very few randomness-extraction techniques are known to work against an attacker holding quantum information on the raw ...

متن کامل

AN EXPERIMENTAL INVESTIGATION OF THE SOUNDS OF SILENCE METAHEURISTIC FOR THE MULTI-MODE RESOURCE-CONSTRAINED PROJECT SCHEDULING WITH PRE-OPTIMIZED REPERTOIRE ON THE HARDEST MMLIB+ SET

This paper presents an experimental investigation of the Sounds of Silence (SoS) harmony search metaheuristic for the multi-mode resource-constrained project scheduling problem (MRCPSP) using a pre-optimized starting repertoire. The presented algorithm is based on the time oriented version of the SoS harmony search metaheuristic developed by Csébfalvi et al. [1] for the single-mode resource-con...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2004