A Verifiable Conformance Relationship between Smart Card Applets and B Security Models

  • Frédéric Dadeau
  • Julien Lamboley
  • Thierry Moutet
  • Marie-Laure Potet
Conference paper

DOI: 10.1007/978-3-540-87603-8_19

Volume 5238 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Dadeau F., Lamboley J., Moutet T., Potet ML. (2008) A Verifiable Conformance Relationship between Smart Card Applets and B Security Models. In: Börger E., Butler M., Bowen J.P., Boca P. (eds) Abstract State Machines, B and Z. ABZ 2008. Lecture Notes in Computer Science, vol 5238. Springer, Berlin, Heidelberg

Abstract

We propose a formal framework based on the B method that supports the development of secured smart card applications. In accordance with the Common Criteria methodology, we start from a formal definition and modelling of security policies, as access control policies. At the end of the development process, smart card applications are implemented in a standardized way, based on both the life cycle of smart card applets and the APDU protocol. In this paper, we define a conformance relationship that aims at establishing how smart card applications can be related to security requirement models. This embraces the notions of both security conformance and traceability, allowing basic events appearing at the level of applications to be related to abstract security policies. This approach has been developed in the RNTL POSÉ project, involving a smart card issuer, Gemalto.

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Frédéric Dadeau (1)
  • Julien Lamboley (2)
  • Thierry Moutet (2)
  • Marie-Laure Potet (2)

  1. Laboratoire d’Informatique de Franche-Comté, Besançon cedex
  2. Vérimag, centre équation, Gières