The structure of the “THE”-multiprogramming system
Communications of the ACM
Security Analysis of IKE's Signature-Based Key-Exchange Protocol
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Verification of a Formal Security Model for Multiapplicative Smart Cards
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Trusted computing and open source
Information Security Tech. Report
Near-field communication-based secure mobile payment service
Proceedings of the 11th International Conference on Electronic Commerce
Privacy is essential for secure mobile devices
IBM Journal of Research and Development
Implementing a high-assurance smart-card OS
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Designing a side channel resistant random number generator
CARDIS'10 Proceedings of the 9th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Application
Hi-index | 0.00 |
The Caernarvon operating system was developed to demonstrate that a high assurance system for smart cards was technically feasible and commercially viable. The entire system has been designed to be evaluated under the Common Criteria at EAL7, the highest defined level of assurance. Historically, smart card processors have not supported the hardware protection features necessary to separate the OS from the applications, and one application from another. The Caernarvon OS has taken advantage of the first smart card processors with such features to be the first smart card OS to provide this kind of protection. Even when compared with conventional systems where the hardware protection is routine, the Caernarvon OS is noteworthy, because of the EAL7 assurance. This approach facilitated implementation of a formally specified, mandatory security policy providing multi-level security (MLS) suitable for both government agencies and commercial users. The mandatory security policy requires effective authentication of its users that is independent of applications. For this reason, the Caernarvon OS also contains a privacy-preserving, two-way authentication protocol integrated with the Mandatory Security Policy. The Caernarvon OS includes a strong cryptographic library that has been separately certified under the Common Criteria at EAL5+ for use with other systems. The Caernarvon OS implements a secure method for downloading trusted and untrusted application software and data in the field, with the assumption that all applications are potentially hostile. While the initial platform for the operating system was smart cards, the design could also be used in other embedded devices, such as USB tokens, PDAs, cell phones, etc.