Marc Eluard

An Operational Semantics of the Java Card Firewall

This paper presents an operational semantics for a subset of Java Card bytecode, focussing on aspects of the Java Card firewall, method invocation, field access, variable access, shareable objects and contexts. The goal is to provide a precise description of the Java Card firewall using standard tools from operational semantics. Such a description is necessary for formally arguing the correctness of tools for validating the security of Java Card applications.

SmartPro: A Smart Card Based Digital Content Protection for Professional Workflow

This paper introduces Smart Pro , a smart card based technology aiming at protecting content in professional workflows. It gives an overview on how Smart Pro works. It also explains the design constrains that led to the use of smart cards and some of the extra difficulties implied by this choice in order to get to an implementation that may be industrially deployed.

Validation du contrôle d'accès dans des cartes à puce multiapplications

The access control exercised by the Java Card firewall can be bypassed by the use of shareable objects. To help detecting unwanted access to objects, we propose a static analysis that calculates a safe approximation of the possible flow of objects between Java Card applets. The analysis deals with a subset of the Java Card bytecode focussing on aspects of the Java Card firewall, method invocation, field access, variable access, shareable objects and contexts. The technical vehicle for achieving this task is a new kind of constraints: quantified conditional constraints, that permits us to model precisely yet cost-effectively the effects of the Java Card firewall by only producing a constraint if the corresponding operation is authorized by the firewall.