Firewall Mechanism in a User Centric Smart Card Ownership Model

  • Raja Naeem Akram
  • Konstantinos Markantonakis
  • Keith Mayes
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6035)


Multi-application smart card technology allows applications to securely share their data and functionality. Security enforcement and assurance in application sharing are provided by the smart card firewall. The firewall mechanism is well defined and studied in the Issuer Centric Smart Card Ownership Model (ICOM), in which a smart card is under the total control of its issuer. However, it has not been analysed in the User Centric Smart Card Ownership Model (UCOM), which delegates control of the smart card to its users. In this paper, we present UCOM’s security requirements for the firewall mechanism and propose a generic framework that satisfies them.


Keywords: Virtual Machine; Smart Card; Shareable Resource; Server Application; Authentication Protocol



Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Raja Naeem Akram (1)
  • Konstantinos Markantonakis (1)
  • Keith Mayes (1)
  1. Information Security Group Smart card Centre, Royal Holloway, University of London, Egham, Surrey, United Kingdom
