Certifying native java card API by formal refinement

Authors:
Quang-Huy Nguyen;Boutheina Chetali
Affiliations:
Axalto, Smart Cards Research, Louveciennes, France;Axalto, Smart Cards Research, Louveciennes, France
Venue:
CARDIS'06 Proceedings of the 7th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Year:
2006

Citing 9
Cited 2

An axiomatic basis for computer programming

Communications of the ACM
Specification of the Javacard API in JML

Proceedings of the fourth working conference on smart card research and advanced applications on Smart card research and advanced applications
Inside the Java Virtual Machine

Inside the Java Virtual Machine
Tool-Assisted Specification and Verification of the JavaCard Platform

AMAST '02 Proceedings of the 9th International Conference on Algebraic Methodology and Software Technology
Towards a Full Formal Specification of the JavaCard API

E-SMART '01 Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security
Non-interference for a JVM-like language

TLDI '05 Proceedings of the 2005 ACM SIGPLAN international workshop on Types in languages design and implementation
Secure object flow analysis for java card

CARDIS'02 Proceedings of the 5th conference on Smart Card Research and Advanced Application Conference - Volume 5
Formal verification of security properties of smart card embedded source code

FM'05 Proceedings of the 2005 international conference on Formal Methods
Language-based information-flow security

IEEE Journal on Selected Areas in Communications

Certifying an embedded remote method invocation protocol

Proceedings of the 2008 ACM symposium on Applied computing
Industrial Use of Formal Methods for a High-Level Security Evaluation

FM '08 Proceedings of the 15th international symposium on Formal Methods

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper describes a refinement-based approach to show that a native Java Card API function fulfills its specification. We refine a native function from its informal specification (by Sun) through several intermediate models into a low-level model which is very close to its C implementations. We formally prove the correctness of the refinement steps between two adjacent levels. The low-level model is sufficiently detailed such that its correspondence to the C implementation can be informally checked. This work provides a framework to enforce the security of the native code by formal analysis and can be generalized to verify a complete implementation of the Java Card platform.