A Mechanism for Secure, Fine-Grained Dynamic Provisioning of Applications on Small Devices

Bush, William R.; Ng, Antony; Simon, Doug; Mathiske, Bernd

doi:10.1007/978-3-540-30569-9_5

William R. Bush²⁰,
Antony Ng²¹,
Doug Simon²⁰ &
…
Bernd Mathiske²⁰

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3362))

Included in the following conference series:

International Workshop on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices

493 Accesses

Abstract

As small, secure devices become more powerful and more wide spread, it has become desirable to support the dynamic provisioning and updating of multiple applications on such devices. This paper presents a simple mechanism for performing such provisioning and updating, even if the applications are mutually distrustful. The mechanism extends CLDC Java^TMtechnology with a classfile attribute that carries the certificates necessary to enable the added security.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

SWYSWYK: A New Sharing Paradigm for the Personal Cloud

FogProtect: Protecting Sensitive Data in the Computing Continuum

Access Control Management for Secure Cloud Storage

References

Connected, Limited Device Configuration, Specification Version 1.1; Sun Microsystems (May 2002), http://java.sun.com/products/cldc
Chen, Z.: Java Card Technology for Smart Cards, June 2000. Addison-Wesley, Reading (2000)
Google Scholar
CLDC Technology Compatibility Kit version 1.0a User’s Guide; Sun Microsystems (February 2001)
Google Scholar
Information on the KVM can be found, at http://java.sun.com/products/cldc
Gong, L.: Inside Java 2 Platform Security, October 1999. Addison-Wesley, Reading (1999)
Google Scholar
Mobile Information Device Profile for Java 2 Micro Edition, Version 2.0; Java Community Process (November 2002), http://java.sun.com/products/midp
Kolsi, O., Virtanen, T.: MIDP 2.0 Security Enhancements. In: Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS 2004) (January 2004)
Google Scholar
Knudsen, J.: Understanding MIDP 2.0’s Security Architecture (February 2003), http://developers.sun.com/techtopics/mobility/midp/articles/permissions/
Acharya, A., Raje, M.: MAPbox: Using Parameterized Behavior CLasses to Confine Untrusted Applications. In: Proceedings of the 9th USENIX Security Symposium (August 2000)
Google Scholar
Bishop, M., Pandey, R.: A Flexible Containment Mechanism for Executing Untrusted Code. In: Proceedings of the 11th USENIX Security Symposium (August 2002)
Google Scholar
Security Requirements for Cryptographic Modules; NIST FIPS PUB 140-2, 25 May (2001)
Google Scholar
Dyer, J.G., Lindemann, M., Perez, R., Sailer, R., van Doorn, L., Smith, S.W.: Building the IBM 4758 Secure Coprocessor, October 2001, pp. 57–66. IEEE Computer, Los Alamitos (2001)
Google Scholar
Schneier, B.: Secrets and Lies. John Wiley and Sons, Chichester (2000)
Google Scholar
Schneier, B.: Applied Cryptography, 2nd edn. John Wiley and Sons, Chichester (1996)
Google Scholar
Anderson, R.: Security Engineering: A Guide to Building Dependable Distributed Systems. John Wiley and Sons, Chichester (2001)
Google Scholar
Lindholm, T., Yellin, F.: The Java Virtual Machine Specification, 2nd edn. Addison-Wesley, Reading (April 1999)
Google Scholar
Gosling, J., Joy, B., Steele, G., Bracha, G.: The Java Language Specification, 2nd edn. Addison-Wesley, Reading (June 2000)
Google Scholar
McGraw, G., Felten, E.W.: Securing Java. John Wiley and Sons, Chichester (1999)
Google Scholar
KVM Debug Wire Protocol (KDWP), Version 1.0; Sun Microsystems; 26 February (2001)
Google Scholar
Dennis, J., Van Horn, E.: Programming Semantics for Multiprogrammed Computations. In: Communications of the ACM, March 1966, pp. 143–155 (1966)
Google Scholar
Shaylor, N., Simon, D., Bush, B.: A Java Virtual Machine Architecture for Very Small Devices. In: Proceedings of the 2003 ACM SIGPLAN conference on Languages, Compilers, and Tools for Embedded Systems, June 2003, pp. 34–41 (2003)
Google Scholar
van Doorn, L.: A Secure Java Virtual Machine. In: Proceedings of the 9th USENIX Security Symposium (August 2000)
Google Scholar

Download references

Author information

Authors and Affiliations

Sun Microsystems Laboratories, Mountain View, CA, 94043, USA
William R. Bush, Doug Simon & Bernd Mathiske
D’Crypt Pte. Ltd,
Antony Ng

Authors

William R. Bush
View author publications
You can also search for this author in PubMed Google Scholar
Antony Ng
View author publications
You can also search for this author in PubMed Google Scholar
Doug Simon
View author publications
You can also search for this author in PubMed Google Scholar
Bernd Mathiske
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

IMDEA Software, Madrid, Spain
Gilles Barthe
INRIA Sophia Antipolis, France
Lilian Burdy & Marieke Huisman &
Gemalto, France
Jean-Louis Lanet
Ecole Supérieure D’Ingénieurs de Luminy - Case 925 - ESIL Parc Scientifique, Université de la Méditerranée, 13288, Marseille, France
Traian Muntean

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Bush, W.R., Ng, A., Simon, D., Mathiske, B. (2005). A Mechanism for Secure, Fine-Grained Dynamic Provisioning of Applications on Small Devices. In: Barthe, G., Burdy, L., Huisman, M., Lanet, JL., Muntean, T. (eds) Construction and Analysis of Safe, Secure, and Interoperable Smart Devices. CASSIS 2004. Lecture Notes in Computer Science, vol 3362. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30569-9_5

Download citation

DOI: https://doi.org/10.1007/978-3-540-30569-9_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24287-1
Online ISBN: 978-3-540-30569-9
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics