Formal Proof of Smart Card Applets Correctness
Abstract
The new Gemplus smart card is based on Java technology and embeds a virtual machine. Its security policy uses mechanisms that rely on Java properties; the language provides segregation between applets. But because of smart card constraints, a byte code verifier cannot be embedded. Moreover, in order to maximise the number of applets, the byte code must be optimised, and the security properties must be guaranteed despite these optimisations. For this purpose, we propose an original way to prove the equivalence between the interpreter of the JVM and our Java Card interpreter. It is based on the refinement and proof process of the B formal method.
Similar references
Checking Absence of Illicit Applet Interactions: A Case Study
This paper presents the use of a method – and its corresponding tool set – for compositional verification of applet interactions on a realistic industrial smart card case study. The case study, an electronic purse, is provided by smart card producer Gemplus as a test case for formal methods for smart cards. The verification method focuses on the possible interactions between different applets, ...
A Constructive Approach to Correctness, Exemplified by a Generator for Certified Java Card Applets
We present a constructive approach to correctness and exemplify it by describing a generator for certified Java Card applets that we are building. A proof of full functional correctness is generated, along with the code, from the specification; the proof can be independently checked by a simple proof checker, so that the larger and more complex generator needs not be trusted. We argue that such...
JACK: Java Applet Correctness Kit
The paper presents a solution to improve the applet quality by allowing proof on Java Card annotated applets. It presents the chosen annotation language: JML that allows to formally specify each method and to give properties on fields. The innovative part of the paper is the presentation of the tools developed in the Gemplus Software Research Labs which allows proving the annotation by translat...
Toward Automatic Generation of Provably Correct Java Card Applets
This paper overviews an ongoing project aimed at developing an automatic generator of Java Card applets from higher-level spec(ification)s written in a domain-specific language called “SmartSlang”. The generator is based on Specware, a system for the formal specification and refinement of software. The applet generator translates a SmartSlang spec into the logical language of Specware, re-expre...
Java bytecode verification with dynamic structures
Java applets run on a Virtual Machine that checks code’s integrity and correctness before execution using a module called Bytecode Verifier. Java Card technology allows Java applets to run on smart cards. Large memory space requirements of the verification process do not allow the implementation of a Bytecode Verifier embedded in the Java Card Virtual Machine. To address this feasibility proble...