Secure Object Flow Analysis for Java Card
Abstract
The access control exercised by the Java Card firewall can be bypassed by the use of shareable objects. To help detect unwanted access to objects, we propose a static analysis that calculates a safe approximation of the possible flow of objects between Java Card applets. The analysis deals with a subset of the Java Card bytecode, focusing on aspects of the Java Card firewall, method invocation, field access, variable access, shareable objects and contexts. The technical vehicle for achieving this task is a new kind of constraint, quantified conditional constraints, which permit us to model precisely the effects of the Java Card firewall by producing a constraint only if the corresponding operation is authorized by the firewall.
Similar resources
JCSI: A tool for checking secure information flow in Java Card applications
This paper describes a tool for checking secure information flow in Java Card applications. The tool performs a static analysis of Java Card CAP files and includes a CAP viewer. The analysis is based on the theory of abstract interpretation and on a multi-level security policy assignment. Actual values of variables are abstracted into security levels, and bytecode instructions are executed over...
A Theorem Proving Approach to Analysis of Secure Information Flow
Most attempts at analysing secure information flow in programs are based on domain-specific logics. Though computationally feasible, these approaches suffer from the need for abstraction and the high cost of building dedicated tools for real programming languages. We recast the information flow problem in a general program logic rather than a problem-specific one. We investigate the feasibility...
A Hardest Attacker for Leaking References
Java Card is a variant of Java designed for use in smart cards and other systems with limited resources. Applets running on a smart card are protected from each other by the applet firewall, allowing communication only through shared objects. Security can be breached if a reference to a shared object is leaked to a hostile applet. In this paper we develop a Control Flow Analysis for a small lan...
Static program analysis of multi-applet JavaCard applications
Java Card provides a framework of classes and interfaces that hides the details of the underlying smart card interface and makes it possible to load and run on the same card several applets, from different application providers with complex trust relationships. This fact opens prospects for new business applications, but the card issuer has to secure absence of malicious or faulty card applets....
A new secure Internet voting protocol using Java Card 3 technology and Java information flow concept
Recently, there has been a spate of interest in Internet voting systems because of advantages such as participation, efficiency, accuracy, and transparency. However, challenges for having a secure i-voting system are considerable. Unless these systems are designed and implemented carefully, citizens might lose their trust in the whole voting process. This paper introduces a novel online voting ...
Publication date: 2002