Abstract
This article presents an analysis to statically check the Java Card sharing policy. From the program text, both the violation and the guaranty of correctness can be detected in certain cases avoiding Runtime exception.
Using type inference techniques, a specific inference algorithm is proposed in order to achieve such result. The current implementation is outlined, and experimental results are given on a benchmark program.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Zhiqun Chen. How to write a java card applet: A developer’s guide. http://www.javaworld.com/javaworld/jw-07-1999/jw-07-javacardp.html.
A. Deutsch. Interprocedural may-alias analysis for pointers: Beyond k-limiting. In SIGPLAN’94 Conf. on Programming Language Design and Implementation, pages 230–241, Orlando (Florida, USA), June 1994. ACM. SIGPLAN Notices, 29(6).
Alain Deutsch. A storeless model of aliasing and its abstractions using finite representations of right-regular equivalence relations. In Proceedings of the IEEE 1992 International Conference on Computer Languages, pages 2–13, San Francisco, April 1992. IEEE Press.
Alain Deutsch. Semantic models and abstract interpretation techniques for inductive data structures and pointers. In Proceedings of the ACM SIGPLAN Symposium on Partial Evaluation and Semantics-Based Program Manipulation, pages 226–229, La Jolla, California, June 21–23, 1995.
Anup K. Ghosh. Security risks of java cards. In Proceedings of the Twelfth IFIP WG 11.3 Working Conference on Database Security, Greece, 1999.
Pierre Girard. Which security policy for multiapplication smart cards. In Proceedings of the USENIX Workshop on Smartcard Technology (SMARTCARD-99), pages 21–28, Berkeley, CA, May 10–11 1999. USENIX Association.
Nevin Heintze. Set constraints in program analysis. Technical report, Carnegie-Mellon University, July 1993.
Michael Montgomery and Ksheerabdhi Krishna. Secure object sharing in java card. In Proceedings of the USENIX Workshop on Smartcard Technology (SMARTCARD-99), pages 119–128, Berkeley, CA, May 10–11 1999. USENIX Association.
Erik Poll, Joachim van den Berg, and Bart Jacobs. Specification of the JavaCard API in JML. In Fourth Smart Card Research and Advanced Application Conference (IFIP Cardis). Kluwer Academic Publishers, 2000.
M. Sagiv, T. Reps, and S. Horwitz. Precise interprocedural dataflow analysis with applications to constant propagation. Lecture Notes in Computer Science, 915:651–--, 1995.
Mooly Sagiv, Thomas Reps, and Reinhard Wilhelm. Parametric shape analysis via 3-valued logic. Technical Report CS-TR-1998-1383, University of Wisconsin, Madison, August 1998.
M. Sharir and A. Pnueli. Two approaches to interprocedural data flow analysis. 1981.
SUN microsystems. Java card 2.1 platform api specification. http://java.sun.com/products/javacard/htmldoc/index.html.
SUN microsystems. Java card 2.1 runtime environment (jcre) specification. http://java.sun.com/products/javacard/JCRESpec.pdf.
SUN microsystems. Java card 2.1 virtual machine specification. http://java.sun.com/products/javacard/javacard21.html.
SUN microsystems. Java card applet developper’s guide. http://java.sun.com/products/javacard/AppletDevelopersGuide.html.
Robert Tolksdorf. Programming languages for the java virtual machine. http://grunge.cs.tu-berlin.de/ tolk/vmlanguages.html.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Caromel, D., Henrio, L., Serpette, B. (2001). Context Inference for Static Analysis of Java Card Object Sharing. In: Attali, I., Jensen, T. (eds) Smart Card Programming and Security. E-smart 2001. Lecture Notes in Computer Science, vol 2140. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45418-7_5
Download citation
DOI: https://doi.org/10.1007/3-540-45418-7_5
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42610-3
Online ISBN: 978-3-540-45418-2
eBook Packages: Springer Book Archive