Skip to main content
SpringerLink
Log in
Book cover

European Conference on Object-Oriented Programming

ECOOP 2003: ECOOP 2003 – Object-Oriented Programming pp 225–247Cite as

Open APIs for Embedded Security

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2743))

Abstract

Embedded computer control is increasingly common in appliances, vehicles, communication devices, medical instruments, and many other systems. Some embedded computer systems enable users to obtain their own programs from parties other than the maker of the device. For instance, PDAs and some cell phones offer an open application programming interface that enables users to better customize devices to their needs and support an industry of independent software vendors. This kind of flexibility will be more difficult for other kinds of embedded devices where safety and security are a greater risk. This paper discusses some of the challenges and architectural options for open APIs for embedded systems. These issues are illustrated through an approach to implementing secure programmable payment cards.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Alur, R., Grosu, R., Wang, B.-Y.: Automated refinement checking for asynchronous processes. In: 3rd International Conference on Formal Methods in Computer-Aided Design (2000)

    Google Scholar 

  2. Alur, R., Wang, B.-Y.: Verifying network protocol implementations by symbolic refinement checking. In: 13th International Conference on Computer- Aided Verification (2001)

    Google Scholar 

  3. Bella, G., Massacci, F., Paulson, L.C.: The verification of an industrial payment protocol. In: Atluri, V. (ed.) Proceedings of the 9th ACM Conference on Computer and Communications Security, Washington, DC, ACM Press, New York (2002)

    Google Scholar 

  4. Bhargavan, K., Gunter, C.A.: Requirements for a network event recognition language. Electronic Notes in Theoretical Computer Science, vol. 70(4) (December 2002)

    Google Scholar 

  5. Detlefs, D.L., Rustan, K., Leino, M., Nelson, G., Sax, J.B.: Extended static checking. Research Report 159, Compaq Systems Research Center (1998)

    Google Scholar 

  6. Evans, D., Schmalensee, R.I.: Paying with Plastic. MIT Press, Cambridge (1999)

    Google Scholar 

  7. Goodloe, A., McDougall, M., Alur, R., Gunter, C.A.: Predictable programs in barcodes. In: Jerraya, A., Wolf, W. (eds.) Proceedings of CASES 2003 International Conference on Compilers, Architecture, and Synthesis for Embedded Systems, Grenoble, France, pp. 298–303. ACM Press, New York (2002)

    Google Scholar 

  8. Grimaud, G., Lanet, J.-L., Vandewalle, J.-J.: FACADE: A typed intermediate language dedicated to smart cards. In: Nierstrasz, O., Lemoine, M. (eds.) ESEC 1999 and ESEC-FSE 1999. LNCS, vol. 1687, pp. 476–493. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  9. Gunter, C.A.: Micro mobile programs. In: Baeza-Yates, R., Montanari, U., Santoro, N. (eds.) Foundations of Information Technology in the Era of Network and Mobile Computing, Montreal, Canada, August 2002, pp. 356–369 (2002); IFIP 17th World Computer Congress — TC1 Stream / International Conference on Theoretical Computer Science (TCS 2002). Kluwer, Dordrecht (2002)

    Google Scholar 

  10. Nelson, G., Rustan, K., Leino, M., Saxe, J.B.: ESC/java user’s manual. Technical Note 2000-002, Compaq Systems Research Center (October 2000)

    Google Scholar 

  11. Leroy, X.: Bytecode verification for Java smart card. Software Practice & Experience 32, 319–340 (2002)

    Article  MATH  Google Scholar 

  12. Lyubich, M.: Eine SET Kundembörse mit der Java Card Unterstützung. In: GI Informatiktage 2000. Konradin-Verlag (November 2000)

    Google Scholar 

  13. Lyubich, M.: Die architekturen von SET mit der Java Card. In: Bode, A., Karl, W. (eds.) ITG Fachbericht, APC 2001 Arbeitsplatzcomputer (2001)

    Google Scholar 

  14. Lyubich, M., Cap, C.: Eine implementierung von SET für Java. In: Tagesband Netzinfrustruckhur und Anwendugen für Informationsgesellschaft, pp. 208–214. Dr. Wilke Verlag (1998)

    Google Scholar 

  15. Lyubich, M.: Architectural Concepts for Java Card Running a Payment Protocol and Their Application in a SET Wallet. PhD thesis, University of Rostock (2003)

    Google Scholar 

  16. Mastercard and Visa. SET Secure Electronic Transaction Specification: Business Description (May 1997)

    Google Scholar 

  17. Mastercard and Visa. SET Secure Electronic Transaction Specification: External Interface Guide (May 1997)

    Google Scholar 

  18. Mastercard and Visa. SET Secure Electronic Transaction Specification: Formal Protocol Definition (May 1997)

    Google Scholar 

  19. Mastercard and Visa. SET Secure Electronic Transaction Specification: Programmer’s Guide (May 1997)

    Google Scholar 

  20. Rose, E., Rose, K.H.: Lightweight bytecode verification. In: Workshop “Formal Underpinnings of the Java Paradigm”, OOPSLA 1998 (1998)

    Google Scholar 

  21. Schneider, F.B.: Enforceable security policies. ACM Transactions on Information and System Security 3, 30–50 (2000)

    Article  Google Scholar 

  22. Schneier, B.: Secrets and Lies. John Wiley & Sons, Chichester (2000)

    Google Scholar 

  23. Sun Microsystems. Java 2 Platform Icro Edition (J2ME) Technology for Creating Mobile Devices (May 2000). White paper, http://java.sun.com/products/cldc/wp/KVMwp.pdf

  24. van den Berg, J., Jacobs, B.: The LOOP compiler for Java and JML. In: Margaria, T., Yi, W. (eds.) TACAS 2001. LNCS, vol. 2031, pp. 299–312. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer and Information Science, University of Pennsylvania, 3330 Walnut Street, Philadelphia, PA, 19104-6389

    Carl A. Gunter

Authors
  1. Carl A. Gunter
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Microsoft Research,  

    Luca Cardelli

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gunter, C.A. (2003). Open APIs for Embedded Security. In: Cardelli, L. (eds) ECOOP 2003 – Object-Oriented Programming. ECOOP 2003. Lecture Notes in Computer Science, vol 2743. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45070-2_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-45070-2_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40531-3

  • Online ISBN: 978-3-540-45070-2

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation