Skip to main content

TS

Certifying an Embedded Remote Method Invocation Protocol

Authors

June Andronick and Quang-Huy Nguyen

Gemalto

Abstract

This paper describes an approach to formally prove that an implementation of the Java Card Remote Method Invocation protocol on smart cards fulfills its functional and security specification. For that, we refine the specification in two intermediate formal models: the functional specification and the high level design. These two models are both defined upon an existing complete formal model of the Java Card virtual machine, allowing to formalize all the security requirements. We focus on certifying the Java code portion since the native portion has been handled in a previous work. The correctness is showed to be preserved while composing the native and Java codes. Our refinement scheme has been designed to fulfill the requirements of a high-level Common Criteria security evaluation.

BibTeX Entry

  @inproceedings{Andronick_N_08,
    publisher        = {ACM},
    title            = {{Certifying an Embedded Remote Method Invocation Protocol}},
    author           = {June Andronick and Quang-Huy Nguyen},
    month            = mar,
    year             = {2008},
    booktitle        = {Proceedings of the 23rd Proceedings of the ACM Symposium on Applied Computing},
    pages            = {352--359},
    address          = {Fortaleza, Ceara, Brazil}
  }

Download

Served by Apache on Linux on seL4.
Served by Apache on Linux on seL4.