Context Inference for Static Analysis of Java Card Object Sharing

Caromel, Denis; Henrio, Ludovic; Serpette, Bernard

doi:10.1007/3-540-45418-7_5

Denis Caromel⁶,
Ludovic Henrio⁶ &
Bernard Serpette⁶

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2140))

Included in the following conference series:

International Conference on Research in Smart Cards

803 Accesses
3 Citations

Abstract

This article presents an analysis to statically check the Java Card sharing policy. From the program text, both the violation and the guaranty of correctness can be detected in certain cases avoiding Runtime exception.

Using type inference techniques, a specific inference algorithm is proposed in order to achieve such result. The current implementation is outlined, and experimental results are given on a benchmark program.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Zhiqun Chen. How to write a java card applet: A developer’s guide. http://www.javaworld.com/javaworld/jw-07-1999/jw-07-javacardp.html.
A. Deutsch. Interprocedural may-alias analysis for pointers: Beyond k-limiting. In SIGPLAN’94 Conf. on Programming Language Design and Implementation, pages 230–241, Orlando (Florida, USA), June 1994. ACM. SIGPLAN Notices, 29(6).
Google Scholar
Alain Deutsch. A storeless model of aliasing and its abstractions using finite representations of right-regular equivalence relations. In Proceedings of the IEEE 1992 International Conference on Computer Languages, pages 2–13, San Francisco, April 1992. IEEE Press.
Google Scholar
Alain Deutsch. Semantic models and abstract interpretation techniques for inductive data structures and pointers. In Proceedings of the ACM SIGPLAN Symposium on Partial Evaluation and Semantics-Based Program Manipulation, pages 226–229, La Jolla, California, June 21–23, 1995.
Google Scholar
Anup K. Ghosh. Security risks of java cards. In Proceedings of the Twelfth IFIP WG 11.3 Working Conference on Database Security, Greece, 1999.
Google Scholar
Pierre Girard. Which security policy for multiapplication smart cards. In Proceedings of the USENIX Workshop on Smartcard Technology (SMARTCARD-99), pages 21–28, Berkeley, CA, May 10–11 1999. USENIX Association.
Google Scholar
Nevin Heintze. Set constraints in program analysis. Technical report, Carnegie-Mellon University, July 1993.
Google Scholar
Michael Montgomery and Ksheerabdhi Krishna. Secure object sharing in java card. In Proceedings of the USENIX Workshop on Smartcard Technology (SMARTCARD-99), pages 119–128, Berkeley, CA, May 10–11 1999. USENIX Association.
Google Scholar
Erik Poll, Joachim van den Berg, and Bart Jacobs. Specification of the JavaCard API in JML. In Fourth Smart Card Research and Advanced Application Conference (IFIP Cardis). Kluwer Academic Publishers, 2000.
Google Scholar
M. Sagiv, T. Reps, and S. Horwitz. Precise interprocedural dataflow analysis with applications to constant propagation. Lecture Notes in Computer Science, 915:651–--, 1995.
Google Scholar
Mooly Sagiv, Thomas Reps, and Reinhard Wilhelm. Parametric shape analysis via 3-valued logic. Technical Report CS-TR-1998-1383, University of Wisconsin, Madison, August 1998.
Google Scholar
M. Sharir and A. Pnueli. Two approaches to interprocedural data flow analysis. 1981.
Google Scholar
SUN microsystems. Java card 2.1 platform api specification. http://java.sun.com/products/javacard/htmldoc/index.html.
SUN microsystems. Java card 2.1 runtime environment (jcre) specification. http://java.sun.com/products/javacard/JCRESpec.pdf.
SUN microsystems. Java card 2.1 virtual machine specification. http://java.sun.com/products/javacard/javacard21.html.
SUN microsystems. Java card applet developper’s guide. http://java.sun.com/products/javacard/AppletDevelopersGuide.html.
Robert Tolksdorf. Programming languages for the java virtual machine. http://grunge.cs.tu-berlin.de/ tolk/vmlanguages.html.

Download references

Author information

Authors and Affiliations

INRIA Sophia Antipolis, CNRS - I3S - Univ. Nice Sophia Antipolis, BP 93, 06902, Sophia Antipolis Cedex, France
Denis Caromel, Ludovic Henrio & Bernard Serpette

Authors

Denis Caromel
View author publications
You can also search for this author in PubMed Google Scholar
Ludovic Henrio
View author publications
You can also search for this author in PubMed Google Scholar
Bernard Serpette
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

INRIA Sophia Antipolis, BP 93, 06902, Sophia Antipolis Cedex, France
Isabelle Attali
Campus de Beaulieu, IRISA/CNRS, 35042, Rennes, France
Thomas Jensen

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Caromel, D., Henrio, L., Serpette, B. (2001). Context Inference for Static Analysis of Java Card Object Sharing. In: Attali, I., Jensen, T. (eds) Smart Card Programming and Security. E-smart 2001. Lecture Notes in Computer Science, vol 2140. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45418-7_5

Download citation

DOI: https://doi.org/10.1007/3-540-45418-7_5
Published: 11 September 2001
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42610-3
Online ISBN: 978-3-540-45418-2
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics