Towards a Full Formal Specification of the JavaCard API
E-SMART '01 Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security
Verification of JAVA CARD Applets Behavior with Respect to Transactions and Card Tears
SEFM '06 Proceedings of the Fourth IEEE International Conference on Software Engineering and Formal Methods
JACK: a tool for validation of security and behaviour of Java applications
FMCO'06 Proceedings of the 5th international conference on Formal methods for components and objects
Verification of object-oriented software: The KeY approach
Verification of object-oriented software: The KeY approach
Certifying native java card API by formal refinement
CARDIS'06 Proceedings of the 7th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Industrial Use of Formal Methods for a High-Level Security Evaluation
FM '08 Proceedings of the 15th international symposium on Formal Methods
| Hi-index | 0.00 |
This paper describes an approach to formally prove that an implementation of the Java Card Remote Method Invocation protocol on smart cards fulfills its functional and security specification. For that, we refine the specification in two intermediate formal models: the functional specification and the high level design. These two models are both defined upon an existing complete formal model of the Java Card virtual machine, allowing to formalize all the security requirements. We focus on certifying the Java code portion since the native portion has been handled in a previous work. The correctness is showed to be preserved while composing the native and Java codes. Our refinement scheme has been designed to fulfill the requirements of a high-level Common Criteria security evaluation.