Publication Details

A Hardest Attacker for Leaking References

René Rydhof Hansen
Proceedings of European Symposium on Programming (ESOP'04), volume 2986 of Lecture Notes in Computer Science, pages 310-324, Barcelona, Spain, March/April 2004. Springer Verlag.

Abstract

Java Card is a variant of Java designed for use in smart cards and other systems with limited resources. Applets running on a smart card are protected from each other by the applet firewall, allowing communication only through shared objects. Security can be breached if a reference to a shared object is leaked to a hostile applet.

In this paper we develop a Control Flow Analysis for a small language based on Java Card, which will guarantee that sensitive object references cannot be leaked to a particular (attack) applet. The analysis is used as a basis for formulating a hardest attacker that will expand the guarantee to cover all possible attackers.