Title: High-level algorithms and data structures requirements for security-by-contract on Java cards

Authors: Nicola Dragoni; Olga Gadyatskaya; Fabio Massacci; Anton Philippov

Addresses: DTU Informatics, Technical University of Denmark, 2800 Kgs. Lyngby, Denmark; Department of Information Engineering and Computer Science, University of Trento, Povo, Trento, 38123, Italy; Department of Information Engineering and Computer Science, University of Trento, Povo, Trento, 38123, Italy; Department of Information Engineering and Computer Science, University of Trento, Povo, Trento, 38123, Italy

Abstract: The Java Card technology has progressed to the point of running web servers and web clients on a smart card. Yet concrete deployments of multi-application smart cards have remained extremely rare, because the business model of asynchronous download and update of applications by different parties requires control over the interactions among possible applications after the card has been fielded. The current security models and techniques do not support this type of evolution. We propose in this paper to apply the notion of security-by-contract (S×C), that is, a specification of the security-related behaviour of an application that must be compliant with the security policy of the hosting platform. This compliance can be checked at application loading time, thus avoiding the need for costly runtime monitoring. We show how S×C can be used to prevent illegal information exchange among applications on a single smart card platform in the presence of dynamic changes on the card.

Keywords: security-by-contract; S×C; load time verification; Java Card; application interactions; security policies; multi-application smart cards; illegal information exchange.

DOI: 10.1504/IJCCBS.2012.053207

International Journal of Critical Computer-Based Systems, 2012 Vol.3 No.4, pp.284 - 304

Published online: 16 Aug 2014
