An axiomatic basis for computer programming
Communications of the ACM
Specification of the Javacard API in JML
Proceedings of the fourth working conference on smart card research and advanced applications on Smart card research and advanced applications
Inside the Java Virtual Machine
Inside the Java Virtual Machine
Tool-Assisted Specification and Verification of the JavaCard Platform
AMAST '02 Proceedings of the 9th International Conference on Algebraic Methodology and Software Technology
Towards a Full Formal Specification of the JavaCard API
E-SMART '01 Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security
Non-interference for a JVM-like language
TLDI '05 Proceedings of the 2005 ACM SIGPLAN international workshop on Types in languages design and implementation
Secure object flow analysis for java card
CARDIS'02 Proceedings of the 5th conference on Smart Card Research and Advanced Application Conference - Volume 5
Formal verification of security properties of smart card embedded source code
FM'05 Proceedings of the 2005 international conference on Formal Methods
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Certifying an embedded remote method invocation protocol
Proceedings of the 2008 ACM symposium on Applied computing
Industrial Use of Formal Methods for a High-Level Security Evaluation
FM '08 Proceedings of the 15th international symposium on Formal Methods
Hi-index | 0.00 |
This paper describes a refinement-based approach to show that a native Java Card API function fulfills its specification. We refine a native function from its informal specification (by Sun) through several intermediate models into a low-level model which is very close to its C implementations. We formally prove the correctness of the refinement steps between two adjacent levels. The low-level model is sufficiently detailed such that its correspondence to the C implementation can be informally checked. This work provides a framework to enforce the security of the native code by formal analysis and can be generalized to verify a complete implementation of the Java Card platform.