A Formal Security Model of a Smart Card Web Server

Abstract : Smart card Web server provides a modern interface between smart cards and the external world. It is of paramount importance that this new software component does not jeopardize the security of the smart card. This paper presents a formal model of the smart card Web server specification and the proof of its security properties. The formalization enables a thoughtful analysis of the specification that has revealed several ambiguities and potentially dangerous behaviors. Our formal model is built using a modular approach upon a model of Java Card and Global Platform. By proving the security properties, we show that the smart card Web server preserves the security policy of the overall model. In other words, this component introduces no illegal access to the card resources (i.e., file system and applications). Furthermore, the smart card Web server provides a means for securely managing the card contents (i.e., resources update).
Type de document :
Communication dans un congrès
Emmanuel Prouff. 10th Smart Card Research and Advanced Applications (CARDIS), Sep 2011, Leuven, Belgium. Springer, Lecture Notes in Computer Science, LNCS-7079, pp.34-49, 2011, Smart Card Research and Advanced Applications. 〈10.1007/978-3-642-27257-8_3〉
Liste complète des métadonnées

Littérature citée [11 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01596309
Contributeur : Hal Ifip <>
Soumis le : mercredi 27 septembre 2017 - 14:46:48
Dernière modification le : vendredi 18 mai 2018 - 01:25:03
Document(s) archivé(s) le : jeudi 28 décembre 2017 - 13:14:01

Fichier

978-3-642-27257-8_3_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Pierre Neron, Quang-Huy Nguyen. A Formal Security Model of a Smart Card Web Server. Emmanuel Prouff. 10th Smart Card Research and Advanced Applications (CARDIS), Sep 2011, Leuven, Belgium. Springer, Lecture Notes in Computer Science, LNCS-7079, pp.34-49, 2011, Smart Card Research and Advanced Applications. 〈10.1007/978-3-642-27257-8_3〉. 〈hal-01596309〉

Partager

Métriques

Consultations de la notice

109

Téléchargements de fichiers

28