Formal language, grammar and set-constraint-based program analysis by abstract interpretation
FPCA '95 Proceedings of the seventh international conference on Functional programming languages and computer architecture
A sound type system for secure flow analysis
Journal of Computer Security
Proceedings of the fourth working conference on smart card research and advanced applications on Smart card research and advanced applications
Java Card Technology for Smart Cards: Architecture and Programmer's Guide
Java Card Technology for Smart Cards: Architecture and Programmer's Guide
Java Virtual Machine Specification
Java Virtual Machine Specification
Checking Secure Interactions of Smart Card Applets
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Context Inference for Static Analysis of Java Card Object Sharing
E-SMART '01 Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security
An Operational Semantics of the Java Card Firewall
E-SMART '01 Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security
The PACAP Prototype: A Tool for Detecting Java Card Illegal Flow
JavaCard '00 Revised Papers from the First International Workshop on Java on Smart Cards: Programming and Security
Security and Dynamic Class Loading in Java: A Formalization
ICCL '98 Proceedings of the 1998 International Conference on Computer Languages
Java(TM) Language Specification, The (3rd Edition) (Java (Addison-Wesley))
Java(TM) Language Specification, The (3rd Edition) (Java (Addison-Wesley))
Secure object sharing in java card
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
Certifying native java card API by formal refinement
CARDIS'06 Proceedings of the 7th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
A type system for checking applet isolation in java card
CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
Formal methods for smartcard security
Foundations of Security Analysis and Design III
Firewall mechanism in a user centric smart card ownership model
CARDIS'10 Proceedings of the 9th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Application
JCSI: A tool for checking secure information flow in Java Card applications
Journal of Systems and Software
| Hi-index | 0.00 |
The access control exercised by the Java Card firewall can be bypassed by the use of shareable objects. To help detecting unwanted access to objects, we propose a static analysis that calculates a safe approximation of the possible flow of objects between Java Card applets. The analysis deals with a subset of the Java Card byte-code focusing on aspects of the Java Card firewall, method invocation, field access, variable access, shareable objects and contexts. The technical vehicle for achieving this task is a new kind of constraints: quantified conditional constraints, that permits us to model precisely the effects of the Java Card firewall by only producing a constraint if the corresponding operation is authorized by the firewall.