The PACAP Prototype: A Tool for Detecting Java Card Illegal Flow

This paper presents some practical issues of a joint project between Gemplus and ONERA. In this approach, a smart card issuer can verify that a new applet interacts securely with the applets already loaded on the card. A security policy has been defined that associates levels with applet attributes and methods and specifies the authorized flows between levels. We propose a technique based on model checking to verify that the actual information flows between applets are authorized. In this paper, we focus on the development of the prototype analyzer and present its first results.
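The policy model sketched above, as an added illustration that is not the PACAP prototype: levels are attached to applet attributes and methods, a relation of authorized flows between levels is closed transitively, and each observed flow of an applet interaction (a value read from a labelled attribute reaching a written attribute or the called method) is checked against that closure. The applet names, levels, policy and trace are all constructed for this example.

```python
# Added example: a minimal level-based flow-policy checker in the spirit of the
# abstract. It is NOT the PACAP tool; every name below is constructed.

# Constructed policy: authorized direct flows between levels (source -> sink).
AUTHORIZED = {("public", "purse"), ("public", "loyalty"), ("loyalty", "purse")}

# Constructed labelling of applet attributes and methods with levels.
LEVEL = {
    "Purse.balance": "purse",
    "Purse.debit": "purse",
    "Loyalty.points": "loyalty",
    "Loyalty.credit": "loyalty",
    "Loyalty.log": "public",
}

def closure(direct):
    """Reflexive-transitive closure of the authorized-flow relation (Warshall)."""
    levels = {lvl for pair in direct for lvl in pair}
    allowed = set(direct) | {(lvl, lvl) for lvl in levels}
    for k in levels:
        for i in levels:
            for j in levels:
                if (i, k) in allowed and (k, j) in allowed:
                    allowed.add((i, j))
    return allowed

def illegal_flows(trace, direct=AUTHORIZED, level=LEVEL):
    """trace: (method, reads, writes) triples describing one applet interaction.
    Every attribute read may reach every attribute written and the invoked
    method itself, so each such (source, sink) pair is a flow to check.
    Returns the list of (method, source, sink) flows the policy forbids."""
    allowed = closure(direct)
    bad = []
    for method, reads, writes in trace:
        for src in reads:
            for sink in list(writes) + [method]:
                if (level[src], level[sink]) not in allowed:
                    bad.append((method, src, sink))
    return bad

# Constructed trace: Purse.debit updates its own balance, then calls the
# Loyalty applet with the balance, which stores it in its points and public log.
TRACE = [
    ("Purse.debit", ["Purse.balance"], ["Purse.balance"]),
    ("Loyalty.credit", ["Purse.balance"], ["Loyalty.points", "Loyalty.log"]),
]

if __name__ == "__main__":
    for flow in illegal_flows(TRACE):
        print("illegal flow in %s: %s -> %s" % flow)
```

Only the second interaction is flagged: a purse-level value reaching loyalty-level and public-level sinks is not covered by any authorized flow, while the first interaction stays within the purse level.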
