Abstract
Recent developments in mobile code and embedded systems have led to an increased interest in open platforms, i.e. platforms which enable different applications to interact in a dynamic environment. However, the flexibility of open platforms presents major difficulties for the (formal) verification of secure interaction between the different applications. To overcome these difficulties, compositional verification techniques are required.
This paper presents a compositional approach to the specification and verification of secure applet interactions. This approach involves a compositional model of the interface behavior of applet interactions, a temporal logic property specification language, and a proof system for proving correctness of property decompositions. The usability of the approach is demonstrated on a realistic smartcard case study.
See http://java.sun.com/java2.
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
Cite this paper
Barthe, G., Gurov, D., Huisman, M. (2002). Compositional Verification of Secure Applet Interactions. In: Kutsche, RD., Weber, H. (eds) Fundamental Approaches to Software Engineering. FASE 2002. Lecture Notes in Computer Science, vol 2306. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45923-5_2
DOI: https://doi.org/10.1007/3-540-45923-5_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-43353-8
Online ISBN: 978-3-540-45923-1
eBook Packages: Springer Book Archive