مرکز منطقه ای اطلاع رساني علوم و فناوري - Automatic Generation of Vulnerability Tests for the Java Card Byte Code Verifier

DocumentCode :

1928314

Title :

Automatic Generation of Vulnerability Tests for the Java Card Byte Code Verifier

Author :

Savary, Aymerick ; Frappier, Marc ; Lanet, Jean-Louis

Author_Institution :

Dept. Inf., Univ. de Sherbrooke, Sherbrooke, QC, Canada

fYear :

2011

fDate :

18-21 May 2011

Firstpage :

Lastpage :

Abstract :

The byte code verifier is an essential component of the Java Card security platform. Test generation to assess its implementation is mandatory, however, comprehensive test plans are too intricate to be handmade. Therefore, automating their generation is an interesting avenue. Our approach is based on formal methods, an important asset to find a preamble, a postamble, or the entire set of test cases for each instruction. The proposed vulnerability tests confirm that a behavior rejected by the model is also rejected by its implementation. Our results show that the techniques put forward achieve such a goal, through a simplified language.

Keywords :

Java; automatic test pattern generation; formal verification; security of data; smart cards; Java card byte code verifier; Java card security platform; automatic vulnerability test generation; Context; Electronic mail; Gold; Java; Read only memory; Runtime environment; Silicon;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Network and Information Systems Security (SAR-SSI), 2011 Conference on

Conference_Location :

La Rochelle

Print_ISBN :

978-1-4577-0735-3

Type :

conf

DOI :

10.1109/SAR-SSI.2011.5931379

Filename :

5931379

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=1928314