Abstract
A Java Card applet is, in general, not allowed to access fields and methods of other applets on the same smart card. This applet isolation property is enforced by dynamic checks in the Java Card Virtual Machine. This paper describes a refined type system for Java Card that enables static checking of applet isolation. With this type system, firewall violations are detected at compile time. Only a special kind of downcast requires dynamic checks.
© 2005 Springer-Verlag Berlin Heidelberg
Dietl, W., Müller, P., Poetzsch-Heffter, A. (2005). A Type System for Checking Applet Isolation in Java Card. In: Barthe, G., Burdy, L., Huisman, M., Lanet, JL., Muntean, T. (eds) Construction and Analysis of Safe, Secure, and Interoperable Smart Devices. CASSIS 2004. Lecture Notes in Computer Science, vol 3362. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30569-9_7
DOI: https://doi.org/10.1007/978-3-540-30569-9_7
Print ISBN: 978-3-540-24287-1
Online ISBN: 978-3-540-30569-9