Referenced Items are not available for this document.
Applications on multi-application smart cards contain sensitive data and can exchange information. Thus a major concern is that these applications should not exchange data unless permitted by their respective policy. As modern smart cards allow post-issuance installation and removal of applications, traditional approaches for information flow analysis are not suitable. We suggest the Security-by-Contract approach for loading time application certification on the card, that will enable the stakeholders with the means to ensure the compliance of every update of the card with their security policy. We describe an extension of the card security architecture to deal with verification for different types of updates and present a Java Card prototype implementation of the Policy Checker with performance measurements.
Published in:
Policies for Distributed Systems and Networks (POLICY), 2011 IEEE International Symposium on
Date of Conference: 6-8 June 2011
- Page(s):
- 153 - 156
- E-ISBN :
- 978-0-7695-4330-7
- Print ISBN:
- 978-1-4244-9879-6
- INSPEC Accession Number:
- 12172296
- Conference Location :
- Pisa
- Digital Object Identifier :
- 10.1109/POLICY.2011.40
- Product Type:
- Conference Publications
About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies
A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.
