
Applet Verification Strategies for RAM-Constrained Devices

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2587))

Abstract

While bringing considerable flexibility and extending the horizons of mobile computing, mobile code raises major security issues. Hence, mobile code, such as Java applets, needs to be analyzed before execution. The byte-code verifier checks low-level security properties that ensure that the downloaded code cannot bypass the virtual machine’s security mechanisms. One of the statically ensured properties is type safety. The type-inference phase is by far the most resource-consuming part of the verification process. This paper addresses the RAM bottleneck met while verifying mobile code in memory-constrained environments such as smart cards. We propose to modify classic type inference in a way that significantly reduces memory consumption. Our algorithm is inspired by bit-slice data processing and consists of running the verifier on each variable in turn. In other words, instead of running the fix-point calculation algorithm once on M variables, we re-launch the algorithm M/l times, verifying only l variables each time. Parameter l can then be tuned to suit the RAM resources available on board, whereas M/l upper-bounds the computational effort (expressed in re-runs of the usual fix-point calculation algorithm). The resulting RAM economy, as measured on a number of popular applets, is around 40%.
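The trade-off the abstract describes (re-running the fix-point on l variables at a time, trading RAM for re-runs) can be seen in a small sketch. This is an added example, not code from the paper: the four-element type lattice, the toy instruction set (`store`, `use`, `br`, `ret`) and the sample methods are assumptions, and the toy has no operand stack, so variables never exchange values and each slice can be checked independently.

```python
# Added illustration; toy lattice and instruction set are assumptions.
BOT, INT, REF, TOP = "bot", "int", "ref", "top"  # BOT = unreached, TOP = unusable

def join(a, b):
    if a == b or b == BOT:
        return a
    return b if a == BOT else TOP

def verify_slice(program, slice_vars):
    """Worklist fix-point that tracks only the variables in slice_vars."""
    state = [{v: BOT for v in slice_vars} for _ in program]
    state[0] = {v: TOP for v in slice_vars}   # locals start uninitialised
    cells = len(program) * len(slice_vars)    # type cells held in RAM
    work, reached = [0], {0}
    while work:
        pc = work.pop()
        op, out = program[pc], dict(state[pc])
        if op[0] == "store" and op[1] in out:
            out[op[1]] = op[2]
        elif op[0] == "use" and op[1] in out and out[op[1]] != op[2]:
            return False, cells               # type error on a tracked variable
        succs = [] if op[0] == "ret" else [pc + 1]
        if op[0] == "br":
            succs.append(op[1])               # conditional: fall through or jump
        for s in succs:
            merged = {v: join(state[s][v], out[v]) for v in slice_vars}
            if merged != state[s] or s not in reached:
                state[s] = merged
                reached.add(s)
                work.append(s)
    return True, cells

def verify_sliced(program, num_vars, l):
    """Re-run the fix-point once per group of l variables."""
    ok, peak, runs = True, 0, 0
    for start in range(0, num_vars, l):
        good, cells = verify_slice(program, list(range(start, min(start + l, num_vars))))
        ok, peak, runs = ok and good, max(peak, cells), runs + 1
    return ok, peak, runs

# Constructed sample methods (each must end in "ret").
GOOD = [("store", 0, INT), ("store", 1, REF), ("br", 4), ("store", 2, INT),
        ("use", 0, INT), ("use", 1, REF), ("ret",)]
BAD = GOOD[:6] + [("use", 2, INT), ("ret",)]   # var 2 unset on the branch path

if __name__ == "__main__":
    for l in (3, 1):
        print(l, verify_sliced(GOOD, 3, l), verify_sliced(BAD, 3, l))
```

Each result is `(accepted, peak type cells, fix-point runs)`: the verdict is the same for every l, while the peak cell count shrinks and the number of runs grows as l decreases.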




Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Maltesson, N., Naccache, D., Trichina, E., Tymen, C. (2003). Applet Verification Strategies for RAM-Constrained Devices. In: Lee, P.J., Lim, C.H. (eds) Information Security and Cryptology — ICISC 2002. ICISC 2002. Lecture Notes in Computer Science, vol 2587. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36552-4_9


  • DOI: https://doi.org/10.1007/3-540-36552-4_9


  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-00716-6

  • Online ISBN: 978-3-540-36552-5

  • eBook Packages: Springer Book Archive
