论文信息 - Enforcement of applet boundaries in Java card systems

Enforcement of applet boundaries in Java card systems

In multi-application Java Cards, applet’s sensitive data must be protected against unauthorized accesses. Applet isolation is normally achieved through the firewall mechanism. The firewall allows an applet to access external objects only through an object sharing mechanism, called shareable interface. Firewall is based on the access control policy and does not control information propagation. This paper shows how extending the firewall with the inspection of call-stack of shareable interface methods contributes to avoid unwanted information flow that can arise as a result of method callback from one applet to another. This control detects the illegal information flow of the well-known Electronic Purse case study.

Luca Martini | Cinzia Bernardeschi

[1] Andrew C. Myers,et al. Language-based information-flow security , 2003, IEEE J. Sel. Areas Commun..

[2] Jean-Louis Lanet,et al. Electronic Purse Applet Certification: extended abstract , 2000, Electron. Notes Theor. Comput. Sci..

[3] Pierre Girard. Which Security Policy for Multiplication Smart Cards? , 1999, Smartcard.

[4] Ewen Denney,et al. An Operational Semantics of the Java Card Firewall , 2001, E-smart.

[5] Thomas P. Jensen,et al. Secure Object Flow Analysis for Java Card , 2002, CARDIS.

[6] Lars-Åke Fredlund,et al. Model Checking of Multi-Applet JavaCard Applications , 2002, CARDIS.

[7] Denis Caromel,et al. Context Inference for Static Analysis of Java Card Object Sharing , 2001, E-smart.

[8] Z. Chen. Java Card Technology for Smart Cards: Architecture and Programmer''s Guide. The Java Series. Addis , 2000 .

[9] Nicoletta De Francesco,et al. Combining Abstract Interpretation and Model Checking for Analysing Security Properties of Java Bytecode , 2002, VMCAI.

[10] Nicoletta De Francesco,et al. Using standard verifier to check secure information flow in Java bytecode , 2002, Proceedings 26th Annual International Computer Software and Applications.