Static Program Analysis for Java Card Applets

8 years 5 months ago
Static Program Analysis for Java Card Applets
The Java Card API provides a framework of classes and interfaces that hides the details of the underlying smart card interface, thus relieving developers from going through the swamps of microcontroller programming. This allows application developers to concentrate most of their effort on the details of application, assuming proper use of the Java Card API calls regarding (i) the correctness of the methods' invocation targets and their arguments and (ii) temporal safety, i.e. the requirement that certain method calls have to be used in certain orders. Several characteristics of the Java Card applets and their multiple-entry-point program structure make it possible for a potentially unhandled exception to reach the invoked entry point. This contingency opens a possibility to leave the applet in an unpredictable state that is potentially dangerous for the application's security. Our work introduces automatic static program analysis as a means for the early detection of misused ...
Vasilios Almaliotis, Alexandros Loizidis, Panagiot
Added 12 Oct 2010
Updated 12 Oct 2010
Type Conference
Year 2008
Authors Vasilios Almaliotis, Alexandros Loizidis, Panagiotis Katsaros, Panagiotis Louridas, Diomidis Spinellis
Comments (0)