A Formal Security Model of a Smart Card Web Server - Smart Card Research and Advanced Applications
Conference Papers Year : 2011

A Formal Security Model of a Smart Card Web Server

Quang-Huy Nguyen
  • Function : Author

Abstract

Smart card Web server provides a modern interface between smart cards and the external world. It is of paramount importance that this new software component does not jeopardize the security of the smart card. This paper presents a formal model of the smart card Web server specification and the proof of its security properties. The formalization enables a thoughtful analysis of the specification that has revealed several ambiguities and potentially dangerous behaviors. Our formal model is built using a modular approach upon a model of Java Card and Global Platform. By proving the security properties, we show that the smart card Web server preserves the security policy of the overall model. In other words, this component introduces no illegal access to the card resources (i.e., file system and applications). Furthermore, the smart card Web server provides a means for securely managing the card contents (i.e., resources update).
Fichier principal
Vignette du fichier
978-3-642-27257-8_3_Chapter.pdf (195.69 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01596309 , version 1 (27-09-2017)

Licence

Identifiers

Cite

Pierre Neron, Quang-Huy Nguyen. A Formal Security Model of a Smart Card Web Server. 10th Smart Card Research and Advanced Applications (CARDIS), Sep 2011, Leuven, Belgium. pp.34-49, ⟨10.1007/978-3-642-27257-8_3⟩. ⟨hal-01596309⟩
180 View
298 Download

Altmetric

Share

More