A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
A type system for Java bytecode subroutines
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Security properties of typed applets
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A type system for object initialization in the Java bytecode language
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Byte Code Verification for Java Smart Card Based on Model Checking
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
Checking Secure Interactions of Smart Card Applets
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
FoSSaCS '01 Proceedings of the 4th International Conference on Foundations of Software Science and Computation Structures
Which security policy for multiplication smart cards?
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
Report highlights: New security issues raised by open cards
Information Security Tech. Report
Reducing the Memory Complexity of Type-Inference Algorithms
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
An Operational Semantics of the Java Card Firewall
E-SMART '01 Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security
Proceedings of the 5th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Secure object flow analysis for java card
CARDIS'02 Proceedings of the 5th conference on Smart Card Research and Advanced Application Conference - Volume 5
On-device control flow verification for Java programs
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
A type system for checking applet isolation in java card
CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
Experiences with PDG-Based IFC
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Firewall mechanism in a user centric smart card ownership model
CARDIS'10 Proceedings of the 9th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Application
| Hi-index | 0.00 |
This paper presents some practical issues of a joint project between Gemplus and ONERA. In this approach, a smart card issuer can verify that a new applet securely interacts with already loaded applets. A security policy has been defined that associates levels to applet attributes and methods and defines authorized flows between levels. We propose a technique based on model checking to verify that actual information flows between applets are authorized. In this paper, we focus on the development of the prototype of the analyzer and we present the first results.