A Load Time Policy Checker for Open Multi-application Smart Cards

Author

Dragoni, Nicola ; Lostal, Eduardo ; Gadyatskaya, Olga ; Massacci, Fabio ; Paci, Federica

Author_Institution

DTU Inf., Tech. Univ. of Denmark, Lyngby, Denmark

fYear

2011

fDate

6-8 June 2011

Firstpage

153

Lastpage

156

Abstract

Applications on multi-application smart cards contain sensitive data and can exchange information. Thus a major concern is that these applications should not exchange data unless permitted by their respective policy. As modern smart cards allow post-issuance installation and removal of applications, traditional approaches for information flow analysis are not suitable. We suggest the Security-by-Contract approach for loading time application certification on the card, that will enable the stakeholders with the means to ensure the compliance of every update of the card with their security policy. We describe an extension of the card security architecture to deal with verification for different types of updates and present a Java Card prototype implementation of the Policy Checker with performance measurements.

Keywords

Java; electronic data interchange; security of data; smart cards; Java card prototype; card security architecture; information exchange; information flow analysis; load time policy checker; open multiapplication smart cards; security policy; security-by-contract approach; Contracts; Java; Memory management; Meteorology; Prototypes; Security; Smart cards; Smart cards security; application certification; information exchange; policy models;

fLanguage

English

Publisher

ieee

Conference_Titel

Policies for Distributed Systems and Networks (POLICY), 2011 IEEE International Symposium on

Conference_Location

Pisa

Print_ISBN

978-1-4244-9879-6

Electronic_ISBN

978-0-7695-4330-7

Type

conf

DOI

10.1109/POLICY.2011.40

Filename

5976813