Checking Secure Interactions of Smart Card Applets
نویسندگان
چکیده
This paper presents an approach enabling a smart card issuer to verify that a new applet securely interacts with already downloaded applets. A security policy has been de ned that associates levels to applet attributes and methods and de nes authorized ows between levels. We propose a technique based on model checking to verify that actual information ows between applets are authorized. We illustrate our approach on applets involved in an electronic purse running on Java enabled smart cards.
منابع مشابه
Checking Secure Interactions of Smart Card Applets: Extended Version
This paper presents an approach enabling a smart card is-suer to verify that a new applet securely interacts with already down-loaded applets. A security policy has been deened that associates levels to applet attributes and methods and deenes authorized ows between levels. We propose a technique based on model checking to verify that actual information ows between applets are authorized. We il...
متن کاملChecking Secure Interactions of Smart Card
This paper presents an approach enabling a smart card is suer to verify that a new applet securely interacts with already down loaded applets A security policy has been de ned that associates levels to applet attributes and methods and de nes authorized ows between levels We propose a technique based on model checking to verify that actual information ows between applets are authorized We illus...
متن کاملChecking Absence of Illicit Applet Interactions: A Case Study
This paper presents the use of a method – and its corresponding tool set – for compositional verification of applet interactions on a realistic industrial smart card case study. The case study, an electronic purse, is provided by smart card producer Gemplus as a test case for formal methods for smart cards. The verification method focuses on the possible interactions between different applets, ...
متن کاملUSENIX Association Proceedings of the 5 th Smart Card Research and Advanced Application Conference
The paper describes a framework for model checking JavaCard applets on the bytecode level. From a set of JavaCard applets we extract their method call graphs using a static analysis tool. The resulting structure is translated into a pushdown system for which the model checking problem for Linear Temporal Logic (LTL) is decidable, and for which there are efficient model checking tools available....
متن کاملElectronic Purse Applet Certification ? ( Extended
The paper describes the status of a joint project between Gemplus and ONERA. Gemplus developed an electronic purse running on Java enabled smart cards. The project goal is to verify security properties that should be enforced by the applets involved in this application. A security policy has been defined that associates levels to applet attributes and methods and defines authorized flows betwee...
متن کامل