Enforcing High-Level Security Properties for Applets
نویسندگان
چکیده
Smart card applications often handle privacy-sensitive information, and therefore must obey certain security policies. Typically, such policies are described as high-level security properties, stating for example that no pin verification must take place within a transaction. Behavioural interface specification languages, such as JML (Java Modeling Language), have been successfully used to validate functional properties of smart card applications. However, high-level security properties cannot directly be expressed in such languages. Therefore, this paper proposes a method to translate high-level security properties into JML annotations. The method synthesises appropriate annotations and weaves them throughout the application. In this way, security policies can be validated using existing tools for JML. The method is general and applies to a large class of security properties. To validate the method, it has been applied to several realistic examples of smart card applications. This allowed us to find violations against the documented security policies for some of these applications.
منابع مشابه
Formal Proof of Smart Card Applets Correctness
The new Gemplus smart card is based on the Java technology, embedding a virtual machine. The security policy uses mechanisms that are based on Java properties. This language provides segregation between applets. But due to the smart card constraints a byte code verifier can not be embedded. Moreover, in order to maximise the number of applets the byte code must be optimised. The security proper...
متن کاملFormal Development of Safe and Secure Java Card Applets
This thesis is concerned with formal development of JAVA CARD applets. JAVA CARD is a technology that provides a means to program smart cards with (a subset of) the JAVA language. In recent years JAVA CARD technology gained great interest in the formal verification community. There are two reasons for this. Due to the sensitive nature (e.g., security, maintenance costs) of JAVA CARD applets, fo...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملUsing Reflection as a Mechanism for Enforcing Security Policies in Mobile Code
Several authors have proposed using code modification as a technique for enforcing security policies such as resource limits, access controls, and network information flows. However, these approaches are typically ad hoc and are implemented without a high level abstract framework for code modification. We propose using reflection as a mechanism for implementing code modifications within an abst...
متن کاملApplet Verification Strategiesfor RAM-Constrained Devices
While bringing considerable flexibility and extending the horizons of mobile computing, mobile code raises major security issues. Hence, mobile code, such as Java applets, needs to be analyzed before execution. The byte-code verifier checks low-level security properties that ensure that the downloaded code cannot bypass the virtual machine’s security mechanisms. One of the statically ensured pr...
متن کامل