JCCap: Capability-based Access Control for Java Card

8 years 7 months ago
JCCap: Capability-based Access Control for Java Card
: This paper describes JCCap, a protection facility for cooperating applications in the context of Java Card. It enables the control of access rights between mutually suspicious applications, either between one terminal application and one Java Card applet or between two applets hosted inside the same Java Card. Using JCCap, access to objects is controlled by means of software capabilities that can be exchanged between mutually suspicious applications. An important advantage of JCCap is that the definition of the protection policy of an application (i.e., how access rights are granted to other applications) is completely separated from the application code. The protection policy is described in an extended Interface Definition Language (IDL) at the interface level, thus enhancing modularity, separation of concerns, and ease of expression in the design of the overall security architecture. Each application can define its own protection policy independently from the other applications, t...
Daniel Hagimont, Jean-Jacques Vandewalle
Added 02 Aug 2010
Updated 02 Aug 2010
Type Conference
Year 2000
Authors Daniel Hagimont, Jean-Jacques Vandewalle
Comments (0)