Electronic Purse Applet Certification: extended abstract

نویسندگان

  • Pierre Bieber
  • Jacques Cazin
  • Virginie Wiels
  • Guy Zanon
  • Pierre Girard
  • Jean-Louis Lanet
چکیده

The paper describes the status of a joint project between Gemplus and ONERA. Gemplus developed an electronic purse running on Java enabled smart cards. The project goal is to verify security properties that should be enforced by the applets involved in this application. A security policy has been deened that associates levels to applet attributes and methods and deenes authorized ows between levels. We propose a technique based on model checking to verify that actual information ows between applets are authorized. 1 Context and case study 1.1 Open smart cards A new type of smart cards is getting more and more attractive: multiapplica-tion smart cards. The main characteristics of such cards are that applications can be loaded after the card issuance and that several applications run on the same card. A few operating systems have been proposed to manage multiap-plication smart cards, namely Java C a r d 2 , Multos 3 and more recently Smart Cards for Windows 4. In this paper, we will focus on Java Card. Following 1 The Pacap project is partially funded by MENRT d ecision d'aide 98.B.0251 2

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Electronic Purse Applet Certification ? ( Extended

The paper describes the status of a joint project between Gemplus and ONERA. Gemplus developed an electronic purse running on Java enabled smart cards. The project goal is to verify security properties that should be enforced by the applets involved in this application. A security policy has been defined that associates levels to applet attributes and methods and defines authorized flows betwee...

متن کامل

Electronic Purse Applet Certiication: Extended Abstract

The paper describes the status of a joint project between Gemplus and ONERA. Gemplus developed an electronic purse running on Java enabled smart cards. The project goal is to verify security properties that should be enforced by the applets involved in this application. A security policy has been de ned that associates levels to applet attributes and methods and de nes authorized ows between le...

متن کامل

Checking Secure Interactions of Smart Card Applets: Extended Version

This paper presents an approach enabling a smart card is-suer to verify that a new applet securely interacts with already down-loaded applets. A security policy has been deened that associates levels to applet attributes and methods and deenes authorized ows between levels. We propose a technique based on model checking to verify that actual information ows between applets are authorized. We il...

متن کامل

Enforcement of applet boundaries in Java card systems

In multi-application Java Cards, applet’s sensitive data must be protected against unauthorized accesses. Applet isolation is normally achieved through the firewall mechanism. The firewall allows an applet to access external objects only through an object sharing mechanism, called shareable interface. Firewall is based on the access control policy and does not control information propagation. T...

متن کامل

Tools for automated conformance testing of Java Card applets

In this article we describe a methodology enabling to automatically gener ate test suits for Java Card applets The considered case study is a classical electronic purse We use two complementary tools TGV to generate test data and Umlaut to design an object oriented model and to translate it into the input format of TGV The integration of those tools in an industrial process is evaluated in the ...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • Electr. Notes Theor. Comput. Sci.

دوره 32  شماره 

صفحات  -

تاریخ انتشار 2000