A load time policy checker for open multi-application smart cards

N. Dragoni; E. Lostal; O. Gadyatskaya; F. Massacci; F. Paci

doi:10.1109/POLICY.2011.40

A load time policy checker for open multi-application smart cards

N. Dragoni, E. Lostal, O. Gadyatskaya, F. Massacci, F. Paci

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

Abstract

Applications on multi-application smart cards contain sensitive data and can exchange information. Thus a major concern is that these applications should not exchange data unless permitted by their respective policy. As modern smart cards allow post-issuance installation and removal of applications, traditional approaches for information flow analysis are not suitable. We suggest the Security-by-Contract approach for loading time application certification on the card, that will enable the stakeholders with the means to ensure the compliance of every update of the card with their security policy. We describe an extension of the card security architecture to deal with verification for different types of updates and present a Java Card prototype implementation of the Policy Checker with performance measurements. © 2011 IEEE.

Original language	English
Title of host publication	Proceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011
Pages	153-156
DOIs	https://doi.org/10.1109/POLICY.2011.40
Publication status	Published - 2011
Externally published	Yes
Event	2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011 - , Italy Duration: 6 Jun 2011 → 8 Jun 2011

Publication series

Name	Proceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011

Conference

Conference	2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011
Country/Territory	Italy
Period	6/06/11 → 8/06/11

Access to Document

10.1109/POLICY.2011.40

Persistent URL (handle)

Persistent link

Cite this

Dragoni, N., Lostal, E., Gadyatskaya, O., Massacci, F., & Paci, F. (2011). A load time policy checker for open multi-application smart cards. In Proceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011 (pp. 153-156). (Proceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011). https://doi.org/10.1109/POLICY.2011.40

@inproceedings{18e11436ce1f4c34825a35058632dfa4,

title = "A load time policy checker for open multi-application smart cards",

abstract = "Applications on multi-application smart cards contain sensitive data and can exchange information. Thus a major concern is that these applications should not exchange data unless permitted by their respective policy. As modern smart cards allow post-issuance installation and removal of applications, traditional approaches for information flow analysis are not suitable. We suggest the Security-by-Contract approach for loading time application certification on the card, that will enable the stakeholders with the means to ensure the compliance of every update of the card with their security policy. We describe an extension of the card security architecture to deal with verification for different types of updates and present a Java Card prototype implementation of the Policy Checker with performance measurements. {\textcopyright} 2011 IEEE.",

author = "N. Dragoni and E. Lostal and O. Gadyatskaya and F. Massacci and F. Paci",

year = "2011",

doi = "10.1109/POLICY.2011.40",

language = "English",

isbn = "9780769543307",

series = "Proceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011",

pages = "153--156",

booktitle = "Proceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011",

note = "2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011 ; Conference date: 06-06-2011 Through 08-06-2011",

}

Dragoni, N, Lostal, E, Gadyatskaya, O, Massacci, F & Paci, F 2011, A load time policy checker for open multi-application smart cards. in Proceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011. Proceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011, pp. 153-156, 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011, Italy, 6/06/11. https://doi.org/10.1109/POLICY.2011.40

A load time policy checker for open multi-application smart cards. / Dragoni, N.; Lostal, E.; Gadyatskaya, O. et al.
Proceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011. 2011. p. 153-156 (Proceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011).

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - A load time policy checker for open multi-application smart cards

AU - Dragoni, N.

AU - Lostal, E.

AU - Gadyatskaya, O.

AU - Massacci, F.

AU - Paci, F.

PY - 2011

Y1 - 2011

N2 - Applications on multi-application smart cards contain sensitive data and can exchange information. Thus a major concern is that these applications should not exchange data unless permitted by their respective policy. As modern smart cards allow post-issuance installation and removal of applications, traditional approaches for information flow analysis are not suitable. We suggest the Security-by-Contract approach for loading time application certification on the card, that will enable the stakeholders with the means to ensure the compliance of every update of the card with their security policy. We describe an extension of the card security architecture to deal with verification for different types of updates and present a Java Card prototype implementation of the Policy Checker with performance measurements. © 2011 IEEE.

AB - Applications on multi-application smart cards contain sensitive data and can exchange information. Thus a major concern is that these applications should not exchange data unless permitted by their respective policy. As modern smart cards allow post-issuance installation and removal of applications, traditional approaches for information flow analysis are not suitable. We suggest the Security-by-Contract approach for loading time application certification on the card, that will enable the stakeholders with the means to ensure the compliance of every update of the card with their security policy. We describe an extension of the card security architecture to deal with verification for different types of updates and present a Java Card prototype implementation of the Policy Checker with performance measurements. © 2011 IEEE.

U2 - 10.1109/POLICY.2011.40

DO - 10.1109/POLICY.2011.40

M3 - Conference contribution

SN - 9780769543307

T3 - Proceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011

SP - 153

EP - 156

BT - Proceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011

T2 - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011

Y2 - 6 June 2011 through 8 June 2011

ER -

Dragoni N, Lostal E, Gadyatskaya O, Massacci F, Paci F. A load time policy checker for open multi-application smart cards. In Proceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011. 2011. p. 153-156. (Proceedings - 2011 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2011). doi: 10.1109/POLICY.2011.40

A load time policy checker for open multi-application smart cards

Abstract

Publication series

Conference

Access to Document

Persistent URL (handle)

Fingerprint

Cite this