Abstract
Open multi-application smart cards that allow post-issuance evolution (i.e. loading of new applets) are
potentially very attractive for both smart card developers and card users. Yet we find only a few of them
on the market as no satisfactory solution exists for the assurance that these coming-and-going applications
will not exchange data unless permitted by their respective policies.
If all applications could be loaded at the start this would boil down to information flow analysis for
which many solutions exist, but this is precisely what we want to overcome. When applications are
not known in advance and can be updated asynchronously and possibly without connection to trusted
third parties, we must preserve the security policies of the various owners of the applets during such
autonomous evolution. This chapter illustrates the extension of the Security-by-Contract approach
from mobile phones to smart cards: Security-by-Contract is based on load-time certification of
applications on the card, which enables the card to make autonomous decisions on application and
policy updates while ensuring the compliance of every change of the platform with the security policy
of each application’s owner.
Original language | English |
---|---|
Title of host publication | Dependability and Computer Engineering : Concepts for Software-Intensive Systems |
Number of pages | 515 |
Volume | 13 |
Publisher | IGI Global |
Publication date | 2011 |
Pages | 285-305 |
ISBN (Print) | 978-1-60960-747-0 |
ISBN (Electronic) | 978-1-60960-748-7 |
Publication status | Published - 2011 |