David C. Toll

Verification of a Formal Security Model for Multiapplicative Smart Cards

We present a generic formal security model for operating systems of multiapplicative smart cards. The model formalizes the main security aspects of secrecy, integrity, secure communication between applications and secure downloading of new applications. The model satisfies a security policy consisting of authentication and intransitive noninterference. The model extends the classical security models of Bell/LaPadula and Biba, but avoids the need for trusted processes, which are not subject to the security policy by incorporating such processes directly in the model itself. The correctness of the security policy has been formally proven with the VSE II system.

Authenticating Mandatory Access Controls and Preserving Privacy for a High-Assurance Smart Card

This paper presents an authentication protocol for high-assurance smart card operating systems that support download of mutually suspicious applications. Such a protocol is required to be part of the operating system, rather than the traditional smart card approach of allowing applications to do authentication, because strong authentication is essential for the operating system to protect one application from another. The protocol itself is based on the existing IKE protocol [13], used for authentication in IPSEC. What is new is the integration of an IKE-like protocol with authentication of mandatory secrecy and integrity access controls, the recognition that a single PKI-hierarchy cannot certify identity and all possible mandatory access rights, and the use of IKE to resolve privacy problems found in existing smart card authentication protocols.

The Caernarvon secure embedded operating system

The Caernarvon operating system was developed to demonstrate that a high assurance system for smart cards was technically feasible and commercially viable. The entire system has been designed to be evaluated under the Common Criteria at EAL7, the highest defined level of assurance. Historically, smart card processors have not supported the hardware protection features necessary to separate the OS from the applications, and one application from another. The Caernarvon OS has taken advantage of the first smart card processors with such features to be the first smart card OS to provide this kind of protection. Even when compared with conventional systems where the hardware protection is routine, the Caernarvon OS is noteworthy, because of the EAL7 assurance. This approach facilitated implementation of a formally specified, mandatory security policy providing multi-level security (MLS) suitable for both government agencies and commercial users. The mandatory security policy requires effective authentication of its users that is independent of applications. For this reason, the Caernarvon OS also contains a privacy-preserving, two-way authentication protocol integrated with the Mandatory Security Policy. The Caernarvon OS includes a strong cryptographic library that has been separately certified under the Common Criteria at EAL5+ for use with other systems. The Caernarvon OS implements a secure method for downloading trusted and untrusted application software and data in the field, with the assumption that all applications are potentially hostile. While the initial platform for the operating system was smart cards, the design could also be used in other embedded devices, such as USB tokens, PDAs, cell phones, etc.

Verified formal security models for multiapplicative smart cards

We present two generic formal security models for operating systems of multiapplicative smart cards. The models formalize the main security aspects of secrecy, integrity, secure communication between applications and secure downloading of new applications. The first model is as abstract as possible, whereas the second extends the first by adding practically relevant issues such as a structured file system. The models satisfy a common security policy consisting of authentication and intransitive noninterference. The policy extends the classical security policy of Bell/LaPadula and Biba models, but avoids the need for trusted processes that are allowed to circumvent the security policy. Instead trusted processes are incorporated directly in the model itself and are subject to the security policy. The security policy has been formally proven to be correct for both models.

Lessons Learned: Building the Caernarvon High-Assurance Operating System

This article features lessons learned in designing, developing, and testing features for a high-assurance smart card operating system. In particular, this paper describes software design, development, and testing process, and the advantages reaped from following established process guidelines. The authors describe the project impact experienced from external influences and count among them market pressure from a rapidly changing commercial landscape which demands agility in order to assure continued funding and product success.

Designing a side channel resistant random number generator

This paper describes the design of the random number generator (RNG) in the Caernarvon high assurance smart card operating system. Since it is used in the generation of cryptographic keys and other sensitive materials, the RNG has a number of stringent security requirements that the random bits must be of good quality i.e. the bits must not be predictable or biased. To this end, a number of standards such as the German AIS 31 mandate that true random bits be continuously tested before use in sensitive applications such as key generation. A key issue in implementing this standard is that such testing before use in key generation greatly increases the attack surface for side-channel attacks. For example, template attacks which can extract information about the random bits from even a single run provided we use the same bits at many different points in the computation. Because of these potential risks, the Caernarvon operating system uses pseudo random number generators which are initially seeded by externally generated high quality random bits, and then perturbed by bits from the true random number generator. We describe a PRNG design which yields high quality random bits while also ensuring that it is not susceptible to side-channel attacks and provide an informal argument about its effectiveness.

Implementing a high-assurance smart-card OS

Building a high-assurance, secure operating system for memory constrained systems, such as smart cards, introduces many challenges. The increasing power of smart cards has made their use feasible in applications such as electronic passports, military and public sector identification cards, and cell-phone based financial and entertainment applications. Such applications require a secure environment, which can only be provided with sufficient hardware and a secure operating system. We argue that smart cards pose additional security challenges when compared to traditional computer platforms. We discuss our design for a secure smart card operating system, named Caernarvon, and show that it addresses these challenges, which include secure application download, protection of cryptographic functions from malicious applications, resolution of covert channels, and assurance of both security and data integrity in the face of arbitrary power losses.

Privacy is essential for secure mobile devices

This paper contradicts the commonly held view that privacy and security of data must sometimes be sacrificed for the sake of national security. We demonstrate that for specific examples of real mobile devices, such as mobile phones, Wi-Fit, electronic passports, and electronic government-employee ID cards, lack of sufficient attention to privacy actually harms the intended national security applications. We then present as a case study the Caernarvon high-security smart-card operating system developed by IBM, to show the feasibility of harmonizing personal privacy and security requirements with national security needs.

The Feasibility of Automated Feedback-Directed Specification-Based Test Generation: A Case Study of a High-Assurance Operating System

In this paper, we describe results of a case study to establish the feasibility of deriving mappings between an abstract user level specification and the code elements in a concrete implementation of a highly secure smart card operating system. Such a mapping is necessary for feedback-directed specification-based test generation to improve code coverage, needed by the stringent criteria for high-assurance systems. We used test cases generated from the user level specification to identify the executed code elements and attempted to use static analysis to map the unexecuted code elements to the corresponding elements in the user level specification. Our primary result is evidence that, given a sufficiently expressive user level specification and a test generation system that is able to effectively use such a specification, the resulting tests will cover the vast majority of the code branches that are able to be covered. Therefore, the benefit of a feedback-directed system will be limited. We further provide evidence that the static analysis required to generate feedback in these cases tends to be difficult, involving inferring the semantics of the internal implementation of data structures. In particular, we observed that the internal states at the implementation level in a high security application pose significant challenges to this mapping process.