A Formal Security Model of a Smart Card Web Server
Autor: | Pierre Neron, Quang-Huy Nguyen |
---|---|
Přispěvatelé: | École polytechnique (X), Trusted Labs, Emmanuel Prouff, TC 8, TC 11, WG 8.8, WG 11.2 |
Rok vydání: | 2011 |
Předmět: |
OpenPGP card
Application server business.industry Computer science [SHS.INFO]Humanities and Social Sciences/Library and information sciences BasicCard Computer security computer.software_genre Smart card application protocol data unit MULTOS Operating system [INFO]Computer Science [cs] Smart card Open Smart Card Development Platform Java Card business computer |
Zdroj: | Smart Card Research and Advanced Applications ISBN: 9783642272561 CARDIS Lecture Notes in Computer Science |
Popis: | Part 1: Smart Cards System Security; International audience; Smart card Web server provides a modern interface between smart cards and the external world. It is of paramount importance that this new software component does not jeopardize the security of the smart card. This paper presents a formal model of the smart card Web server specification and the proof of its security properties. The formalization enables a thoughtful analysis of the specification that has revealed several ambiguities and potentially dangerous behaviors. Our formal model is built using a modular approach upon a model of Java Card and Global Platform. By proving the security properties, we show that the smart card Web server preserves the security policy of the overall model. In other words, this component introduces no illegal access to the card resources (i.e., file system and applications). Furthermore, the smart card Web server provides a means for securely managing the card contents (i.e., resources update). |
Databáze: | OpenAIRE |
Externí odkaz: |