
Building an "impossible" verifier on a java card

Published: 08 December 2002

Abstract

Java is a popular development platform for mobile code systems. It ensures application portability and mobility for a variety of systems, while providing strong security features. The intermediate code (byte code) allows the virtual machine to verify statically (during the loading phase) that the program is well-behaved. This is done by a software security module called the byte code verifier. Smart Cards that provide a Java Virtual Machine, called Java Card, are not supplied with such a verifier because of its complexity. Alternatives are being studied to provide the same functionality outside the card. In the present paper, we propose to integrate the whole verifier inside the smart card. This ensures that the smart card becomes entirely autonomous, which allows full realization of smart cards' potential as pervasive computing devices. Our verifier uses a specialized encoding and a software cache with a variety of cache policies to adapt to the hardware constraints of smart cards. Our experimental results confirm the feasibility of such a security system being implemented in a smart card.


Published In

WIESS'02: Proceedings of the 2nd conference on Industrial Experiences with Systems Software - Volume 2
December 2002
66 pages

Publisher

USENIX Association

United States

Author Tags

  1. java card
  2. secure embedded system
  3. smart card
  4. static verification
  5. type inference

Cited By

  • (2014) Memory-efficient on-card byte code verification for Java cards. Proceedings of the First Workshop on Cryptography and Security in Computing Systems (37-40). DOI: 10.1145/2556315.2556323. Online publication date: 20-Jan-2014
  • (2010) Efficient off-board deployment and customization of virtual machine-based embedded systems. ACM Transactions on Embedded Computing Systems 9:3 (1-53). DOI: 10.1145/1698772.1698779. Online publication date: 5-Mar-2010
  • (2010) Firewall mechanism in a user centric smart card ownership model. Proceedings of the 9th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Application (118-132). DOI: 10.1007/978-3-642-12510-2_9. Online publication date: 14-Apr-2010
  • (2009) Application Management Framework in User Centric Smart Card Ownership Model. Information Security Applications (20-35). DOI: 10.1007/978-3-642-10838-9_3. Online publication date: 17-Dec-2009
  • (2008) Decomposing bytecode verification by abstract interpretation. ACM Transactions on Programming Languages and Systems 31:1 (1-63). DOI: 10.1145/1452044.1452047. Online publication date: 12-Dec-2008
  • (2007) An information flow verifier for small embedded systems. Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems (189-201). DOI: 10.5555/1763190.1763212. Online publication date: 9-May-2007
  • (2006) Embedding verifiable information flow analysis. Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services (1-9). DOI: 10.1145/1501434.1501481. Online publication date: 30-Oct-2006
  • (2005) Formal methods for smartcard security. Foundations of Security Analysis and Design III (133-177). DOI: 10.5555/2137760.2137767. Online publication date: 1-Jan-2005
  • (2003) Computer security from a programming language and static analysis perspective. Proceedings of the 12th European conference on Programming (1-9). DOI: 10.5555/1765712.1765714. Online publication date: 7-Apr-2003
  • (2003) Java Bytecode Verification. Journal of Automated Reasoning 30:3-4 (235-269). DOI: 10.1023/A:1025055424017. Online publication date: 5-Aug-2003
