Checking Absence of Illicit Applet Interactions: A Case Study

Huisman, Marieke; Gurov, Dilian; Sprenger, Christoph; Chugunov, Gennady

doi:10.1007/978-3-540-24721-0_6

Cited by 22 publications

(16 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, the ClaimChecker during validation of A parses all interfaces declared in the CAP file of A (lines 5-6) and checks with the Export component if the interface is exported. Thus the ClaimChecker successfully identifies all shareable interfaces (lines 9-12), and for each of these interfaces it goes through the declared method tokens matching them with the Provides A set (lines [8][9][10][11][12][13][14][15][16][17][18][19][20][21][22]. By definition of the shareable A and by construction of the ClaimChecker (in compliance with the JCRE specifications), shareable A ⊆ Provides A .…”

Section: VImentioning

confidence: 99%

See 1 more Smart Citation

Load time code validation for mobile phone Java Cards

Gadyatskaya

Massacci

Nguyen³

et al. 2013

Journal of Information Security and Applications

View full text Add to dashboard Cite

Over-the-air (OTA) application installation and updates have become a common experience for many endusers of mobile phones. In contrast, OTA updates for applications on the secure elements (such as smart cards) are still hindered by the challenging hardware and certification requirements.The paper describes a security framework for Java Card-based secure element applications. Each application can declare a set of services it provides and a set of services it wishes to call, and its own security policy. An on-card checker verifies compliance and enforces the policy; thus an off-card validation of the application is no longer required.The framework has been optimized in order to be integrated with the run-time environment embedded into a concrete card. This integration has been tried and tested by a smart card manufacturer. In this paper we present the formal security model of the approach, its overall architecture and the implementation footprint which can fit on a real secure element. We also report the lessons learned and the intricacies of integrating a research prototype with a protected loader of the manufacturer.

show abstract

Section: VImentioning

confidence: 99%

“…There were investigations [12,21,22,23] of static scenarios, when all applets are known and the composition is analyzed off-device. For example, Avvenuti et al [24] have developed the JBIFV tool which verifies whether a JC applet respects pre-defined information flow policies.…”

Section: Related Workmentioning

confidence: 99%

Load time code validation for mobile phone Java Cards

Gadyatskaya

Massacci

Nguyen³

et al. 2013

Journal of Information Security and Applications

View full text Add to dashboard Cite

show abstract

“…The reason for choosing Java Card and Multos is twofold: a) they represent two contrasting architectures to implement the rewall mechanism, and b) they are the two most deployed smart card platforms. Furthermore, the rewall mechanisms deployed in the ICOM are mature [28,29,185,187,188] and have been extensively studied [189] [192], which cannot be claimed for the UCOM.…”

Section: Application Sharing Mechanismmentioning

confidence: 99%

User Centric Security Model for Tamper-Resistant Devices

Akram

Markantonakis

Mayes

2011

2011 IEEE 8th International Conference on E-Business Engineering

View full text Add to dashboard Cite

“…These formalizations have been used to formally verify applet isolation and confidentiality properties [3,4,15]. With our type system, applet isolation can be mostly checked syntactically.…”

Section: Related Workmentioning

confidence: 99%

A Type System for Checking Applet Isolation in Java Card

Dietl

Müller

Poetzsch-Heffter

2005

Construction and Analysis of Safe, Secure, and Interoperable Smart Devices

View full text Add to dashboard Cite

Abstract. A Java Card applet is, in general, not allowed to access fields and methods of other applets on the same smart card. This applet isolation property is enforced by dynamic checks in the Java Card Virtual Machine. This paper describes a refined type system for Java Card that enables static checking of applet isolation. With this type system, firewall violations are detected at compile time. Only a special kind of downcast requires dynamic checks.

show abstract

Checking Absence of Illicit Applet Interactions: A Case Study

Cited by 22 publications

References 9 publications

Load time code validation for mobile phone Java Cards

Load time code validation for mobile phone Java Cards

User Centric Security Model for Tamper-Resistant Devices

A Type System for Checking Applet Isolation in Java Card

Contact Info

Product

Resources

About