Formal Model and Implementation of the Java Card Dynamic Security Policy
Author
Abstract
Formal methods are today a means of improving the quality of software development processes. This article proposes an application of the B method, a formal method based on set theory, to the specific domain of Java Card. Smart cards are one element of information system security. Assurance that security is respected can be obtained through certification. Formal methods therefore prove necessary for high-level certifications. The study concerns the formal modelling of the internal security policy of the Java Card and of the mechanisms that implement it. To do this, we use the refinement mechanism, which is particularly well suited to this context.
Similar resources
Embedding Formal Development into a Smart Card : The Java Card Byte Code verifier case study
The Java security policy is implemented by security components such as the Java Virtual Machine (JVM), the API, the verifier, the loader. It is of prime importance to ensure that the implementation of these components is in accordance with their specifications. Formal methods can be used to bring the mathematical proof that the implementation of these components corresponds to their specificati...
Model and Implementation of the Java Card Dynamic Security Policy
ly, an access request is represented by a relation between a context and an object. All the relations will be specified in a future refinement.
Formal Development of an Embedded Verifier for Java Card Byte Code
The Java security policy is implemented by security components such as the Java Virtual Machine (JVM), the API, the verifier, the loader. It is of prime importance to ensure that the implementation of these components is in accordance with their specifications. Formal methods can be used to bring the mathematical proof that the implementation of these components corresponds to their specificati...
Development of an Embedded Verifier for Java Card Byte Code using Formal Methods Ludovic
The Java security policy is implemented using security components such as a Java Virtual Machine (JVM), API, verifier, and a loader. It is of prime importance to ensure that these components are implemented in accordance with their specifications. Formal methods can be used to bring the mathematical proof that their implementation corresponds to their specification. In this paper, we introduce ...
Modeling and Analyzing Integrated Policies
Michael McDougall, Carl A. Gunter and Rajeev Alur. Smart card technology has advanced to the point where computerized cards the size of credit cards can hold multiple interacting programs. These multi-applet cards are beginning to be exploited by business and government in security, transport and financial applications. We conduct a thorough analysis of ...
Développement formel d'un vérifieur embarqué de byte-code Java
The Java security policy is implemented by security components such as the Java Virtual Machine (JVM), the verifier and the loader. It is of prime importance to ensure that the implementation of these components is in accordance with their specifications. Formal methods can be used to bring the mathematical proof that the implementation of these components corresponds to their specification. In...