A Hardest Attacker for Leaking References
نویسنده
چکیده
Java Card is a variant of Java designed for use in smart cards and other systems with limited resources. Applets running on a smart card are protected from each other by the applet firewall, allowing communication only through shared objects. Security can be breached if a reference to a shared object is leaked to a hostile applet. In this paper we develop a Control Flow Analysis for a small language based on Java Card, which will guarantee that sensitive object references can not be leaked to a particular (attack) applet. The analysis is used as a basis for formulating a hardest attacker that will expand the guarantee to cover all possible attackers.
منابع مشابه
Hardest Attackers
Most interesting properties of computer systems are inherently undecidable yet static analysis allows to automatically validate systems against such properties by making sure to always “err on the safe side”. We take this idea one step further by identifying “hardest attackers” in such a way that if the static analysis is able to demonstrate protection against the “hardest attacker” then the sy...
متن کاملValidating firewalls using flow logics
The ambient calculus is a calculus of computation that allows active processes to communicate and to move between sites. A site is said to be a protective firewall whenever it denies entry to all attackers not possessing the required passwords. We devise a computationally sound test for validating the protectiveness of a proposed firewall and show how to perform the test in polynomial time. The...
متن کاملRandomness Extraction via δ-Biased Masking in the Presence of a Quantum Attacker
Randomness extraction is of fundamental importance for information-theoretic cryptography. It allows to transform a raw key about which an attacker has some limited knowledge into a fully secure random key, on which the attacker has essentially no information. Up to date, only very few randomness-extraction techniques are known to work against an attacker holding quantum information on the raw ...
متن کاملRandomness Extraction Via delta -Biased Masking in the Presence of a Quantum Attacker
Randomness extraction is of fundamental importance for information-theoretic cryptography. It allows to transform a raw key about which an attacker has some limited knowledge into a fully secure random key, on which the attacker has essentially no information. Up to date, only very few randomness-extraction techniques are known to work against an attacker holding quantum information on the raw ...
متن کاملAN EXPERIMENTAL INVESTIGATION OF THE SOUNDS OF SILENCE METAHEURISTIC FOR THE MULTI-MODE RESOURCE-CONSTRAINED PROJECT SCHEDULING WITH PRE-OPTIMIZED REPERTOIRE ON THE HARDEST MMLIB+ SET
This paper presents an experimental investigation of the Sounds of Silence (SoS) harmony search metaheuristic for the multi-mode resource-constrained project scheduling problem (MRCPSP) using a pre-optimized starting repertoire. The presented algorithm is based on the time oriented version of the SoS harmony search metaheuristic developed by Csébfalvi et al. [1] for the single-mode resource-con...
متن کامل