Abstract
The use of smart cards to run software modules on demand has become a major business concern for application issuers. Such down-loadable executable content needs to be trusted by the card execution environment in order to ensure that an instruction on a memory area is compliant with the definition of the data stored in this area (i.e. its type). Current solutions for smart cards rely on three techniques. For Java Card, either an off-card verifier-converter performs a static verification of type-safety, or a defensive virtual machine performs the verification at runtime. For other types of open smart cards, no type-checking is carried out and the trust is only based on the containment of applications. Static verification is more efficient and flexible than dynamic techniques. Nevertheless, as the Java verifier cannot fit into a card, the trust is dependent on an external third-party. In this way, the card security has been partly turned to the outside. We propose and describe the FACADE language for which the type-safety verification can be performed statically on-card.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Casset, L. How to formally specify the Java bytecode semantics using the B method. In ECOOP Workshop, Formal Techniques for Java Programs (Lisbon, Portugal, June 1999).
Dwyer, M.Data Flow Analysis for Verifying Correctness Properties of Concur-rent Programs. PhD thesis, University of Massachusetts, Sept. 1995. [http://www.cis.ksu.edu/~dwyer/papers/thesis.ps].
International Organization for Standardization. International Standard ISO/IEC 7816: Integrated circuit(s) cards with contacts, parts 1 to 9, 1987–1998.
Lindhom, T., and Yellin, F.The Java Virtual Machine Specification. The Java Series. Addison-Wesley, Sept. 1996.
Maosco Ltd. “MultOS” Web site. [http://www.multos.com/].
Microsoft Corp. “Smart Card for Windows” Web site. [http://www.microsoft.com/windowsce/smartcard/].
Morrisett, G., Walker, D., Crary, K., and Glew, N. From System F to Typed Assembly Language. In 25th Symposium on Principles of Programming Languages (San Diego, CA, USA, Jan. 1998). http://simon.cs.cornell.edu/Info/People/jgm/papers/tal.ps.
Necula, G. C. Proof-Carrying Code. In 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (Paris, France, Jan. 1997). [http://www.cs.cmu.edu/~necula/popl97.ps.gz].
Rose, E. Towards Secure Bytecode Verification on a Java Card. Master’s thesis, University of Copenhagen, Sept. 1998. [http://www.ens-lyon.fr/~evarose/speciale.ps.gz].
Rose, E., and Rose, K. H. Lightweight Bytecode Verification. In Formal Underpinnings of Java, OOPSLA’98 Workshop (Vancouver, Canada, Oct. 1998). [http://www-dse.doc.ic.ac.uk/~sue/oopsla/rose.f.ps].
Shao, Z. Typed Common Intermediate Format. In USENIX Conference on Domain-Specific Languages (Barbara, CA, USA, Oct. 1997). [http://flint.cs.yale.edu/flint/publications/tcif.html].
Sun Microsystems, Inc.Java Card 2.0 Language Subset and Virtual Machine Specification, Programming Concepts, and Application Programming Interfaces, Oct. 1997. [http://java.sun.com/products/javacard/].
Sun Microsystems, Inc.Java Card 2.1 Virtual Machine, Runtime Environment, and Application Programming Interface Specifications, Public Review ed., Feb. 1999. [http://java.sun.com/products/javacard/javacard21.html].
Sun Microsystems, Inc.Java Card 2.1 Virtual Machine Specification, Draft 2 ed., Feb. 1999. [http://java.sun.com/products/javacard/JCVMSpec.pdf].
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Grimaud, G., Lanet, JL., Vandewalle, JJ. (1999). FACADE: A Typed Intermediate Language Dedicated to Smart Cards. In: Nierstrasz, O., Lemoine, M. (eds) Software Engineering — ESEC/FSE ’99. ESEC SIGSOFT FSE 1999 1999. Lecture Notes in Computer Science, vol 1687. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48166-4_29
Download citation
DOI: https://doi.org/10.1007/3-540-48166-4_29
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66538-0
Online ISBN: 978-3-540-48166-9
eBook Packages: Springer Book Archive