A Method for Secure Smartcard Applications
We have presented a method for the formal development of secure smartcard applications. The method combines and integrates different techniques (with algebraic specifications at the core) to tackle the different problems: objects and distributed systems, attackers and cryptographic protocols, JavaCard programs and limited resources. The techniques include UML models enriched by algebraic specifications, and dynamic logic for JavaCard verification. The method is tailored to take advantage of the special features of smartcard scenarios, and to make proving security and correctness as easy as possible. The method is illustrated with a small but surprisingly complex example, a copy card. The approach is implemented in the KIV specification and verification system.
Keywords: Smart Card, Class Diagram, Security Property, Activity Diagram, Dynamic Logic