In multi-application Java Cards, applet's sensitive data must be protected against unauthorized accesses. Applet isolation is normally achieved through the firewall mechanism. The firewall allows an applet to access external objects only through an object sharing mechanism, called shareable interface. Firewall is based on the access control policy and does not control information propagation. This paper shows how extending the firewall with the inspection of call-stack of shareable interface methods contributes to avoid unwanted information flow that can arise as a result of method callback from one applet to another. This control detects the illegal information flow of the well-known Electronic Purse case study
Abstract. The Java Card API provides a framework of classes and interfaces that hides the details of...
This paper describes a tool for checking secure information flow in Java Card applications. The tool...
AbstractThis paper discusses a case study in formal verification and development of secure smart car...
Nowadays, JavaCard Platform-based SmartCards are multi-application and support inter-applet collabor...
This paper explores the problem of protecting a site on the Internet against hostile external Java a...
Abstract. This paper presents an approach enabling a smart card is-suer to verify that a new applet ...
Part 7: Java Card SecurityInternational audienceThe Java Card uses two components to ensure the secu...
It is becoming more and more important to study methods for protecting sensitive data in computer an...
Abstract. This paper presents an approach enabling a smart card issuer to verify that a new applet s...
This paper presents some practical issues of a joint project between Gemplus and ONERA. In this app...
We propose an approach to support confidentiality for mobile implementations of security-sensitive p...
Ki-Chang Kim. This is an open access article distributed under the Creative Commons Attribution Lice...
The Java Card API provides a framework of classes and interfaces that hides the details of the under...
This research concerns enhancement in on-card verification of downloaded applets in Java Card techno...
International audienceWe present an approach based on a multilevel security policy and the theory of...
Abstract. The Java Card API provides a framework of classes and interfaces that hides the details of...
This paper describes a tool for checking secure information flow in Java Card applications. The tool...
AbstractThis paper discusses a case study in formal verification and development of secure smart car...
Nowadays, JavaCard Platform-based SmartCards are multi-application and support inter-applet collabor...
This paper explores the problem of protecting a site on the Internet against hostile external Java a...
Abstract. This paper presents an approach enabling a smart card is-suer to verify that a new applet ...
Part 7: Java Card SecurityInternational audienceThe Java Card uses two components to ensure the secu...
It is becoming more and more important to study methods for protecting sensitive data in computer an...
Abstract. This paper presents an approach enabling a smart card issuer to verify that a new applet s...
This paper presents some practical issues of a joint project between Gemplus and ONERA. In this app...
We propose an approach to support confidentiality for mobile implementations of security-sensitive p...
Ki-Chang Kim. This is an open access article distributed under the Creative Commons Attribution Lice...
The Java Card API provides a framework of classes and interfaces that hides the details of the under...
This research concerns enhancement in on-card verification of downloaded applets in Java Card techno...
International audienceWe present an approach based on a multilevel security policy and the theory of...
Abstract. The Java Card API provides a framework of classes and interfaces that hides the details of...
This paper describes a tool for checking secure information flow in Java Card applications. The tool...
AbstractThis paper discusses a case study in formal verification and development of secure smart car...