FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Java Card technology has progressed to the point of running web servers and web clients on a smart card. Yet concrete deployment of multi-application smart cards has remained extremely rare, because the business model of asynchronous download and update of applications by different parties requires control of the interactions among possible applications after the card has been fielded, and the current security models and techniques do not support this type of evolution. We propose in this paper to apply the notion of security-by-contract (S×C), that is, a specification of the security behavior of an application that must be compliant with the security policy of the hosting platform. This compliance can be checked at load time, which avoids the need for costly run-time monitoring. We show how the S×C approach can be used to prevent illegal information exchange among several applications on a single smart card platform, and to deal with dynamic changes in both contracts and platform policy.