Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secure Internet programming
Java Card Technology for Smart Cards: Architecture and Programmer's Guide
Java Card Technology for Smart Cards: Architecture and Programmer's Guide
Bytecode verification on Java smart cards
Software—Practice & Experience
Cryptography and Network Security: Principles and Practice
Cryptography and Network Security: Principles and Practice
A Study on the Optimization of Class File for Java Card Platform
ICOIN '02 Revised Papers from the International Conference on Information Networking, Wireless Communications Technologies and Network Applications-Part I
Model-carrying code: a practical approach for safe execution of untrusted applications
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Interactive Theorem Proving and Program Development
Interactive Theorem Proving and Program Development
Static validation of security protocols
Journal of Computer Security
Security-by-contract on the .NET platform
Information Security Tech. Report
On Practical Information Flow Policies for Java-Enabled Multiapplication Smart Cards
CARDIS '08 Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Certified memory usage analysis
FM'05 Proceedings of the 2005 international conference on Formal Methods
Can we support applications' evolution in multi-application smart cards by security-by-contract?
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Security-by-contract: toward a semantics for digital signatures on mobile code
EuroPKI'07 Proceedings of the 4th European conference on Public Key Infrastructure: theory and practice
Hi-index | 0.00 |
The Security-by-Contract (S×C) framework has recently been proposed to support software evolution in open multi-application smart cards. The key idea lies in the notion of contract , a specification of the security behavior of an application that must be compliant with the security policy of the card hosting the application. In this paper we address a key issue to realize the S×C idea, namely the outsourcing of the contract-policy matching service to a Trusted Third Party (TTP). In particular, we present the design and implementation of SC2 (Secure Communication over Smart Cards), a system securing the communication between a smart card and the TTP which provides the S×C matching service.