Electronic Purse Applet Certification: extended abstract
نویسندگان
چکیده
The paper describes the status of a joint project between Gemplus and ONERA. Gemplus developed an electronic purse running on Java enabled smart cards. The project goal is to verify security properties that should be enforced by the applets involved in this application. A security policy has been deened that associates levels to applet attributes and methods and deenes authorized ows between levels. We propose a technique based on model checking to verify that actual information ows between applets are authorized. 1 Context and case study 1.1 Open smart cards A new type of smart cards is getting more and more attractive: multiapplica-tion smart cards. The main characteristics of such cards are that applications can be loaded after the card issuance and that several applications run on the same card. A few operating systems have been proposed to manage multiap-plication smart cards, namely Java C a r d 2 , Multos 3 and more recently Smart Cards for Windows 4. In this paper, we will focus on Java Card. Following 1 The Pacap project is partially funded by MENRT d ecision d'aide 98.B.0251 2
منابع مشابه
Electronic Purse Applet Certification ? ( Extended
The paper describes the status of a joint project between Gemplus and ONERA. Gemplus developed an electronic purse running on Java enabled smart cards. The project goal is to verify security properties that should be enforced by the applets involved in this application. A security policy has been defined that associates levels to applet attributes and methods and defines authorized flows betwee...
متن کاملElectronic Purse Applet Certiication: Extended Abstract
The paper describes the status of a joint project between Gemplus and ONERA. Gemplus developed an electronic purse running on Java enabled smart cards. The project goal is to verify security properties that should be enforced by the applets involved in this application. A security policy has been de ned that associates levels to applet attributes and methods and de nes authorized ows between le...
متن کاملChecking Secure Interactions of Smart Card Applets: Extended Version
This paper presents an approach enabling a smart card is-suer to verify that a new applet securely interacts with already down-loaded applets. A security policy has been deened that associates levels to applet attributes and methods and deenes authorized ows between levels. We propose a technique based on model checking to verify that actual information ows between applets are authorized. We il...
متن کاملEnforcement of applet boundaries in Java card systems
In multi-application Java Cards, applet’s sensitive data must be protected against unauthorized accesses. Applet isolation is normally achieved through the firewall mechanism. The firewall allows an applet to access external objects only through an object sharing mechanism, called shareable interface. Firewall is based on the access control policy and does not control information propagation. T...
متن کاملTools for automated conformance testing of Java Card applets
In this article we describe a methodology enabling to automatically gener ate test suits for Java Card applets The considered case study is a classical electronic purse We use two complementary tools TGV to generate test data and Umlaut to design an object oriented model and to translate it into the input format of TGV The integration of those tools in an industrial process is evaluated in the ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Electr. Notes Theor. Comput. Sci.
دوره 32 شماره
صفحات -
تاریخ انتشار 2000