WIESS '02 Abstract
Building an "Impossible" Verifier on a Java Card
Damien Deville and Gilles Grimaud, University of Lille
Java is a popular development platform for mobile code systems. It ensures
application portability and mobility for a variety of systems, while providing
strong security features. The intermediate code (byte code) allows the virtual
machine to verify statically (during the loading phase) that the program is
well-behaved. This is done by a software security module called the
byte code verifier. Smart Cards that provide a Java Virtual Machine,
called Java Card, are not supplied with such a verifier because of its
complexity. Alternatives are being studied to provide the same functionality
outside the card. In the present paper, we propose to integrate the whole
verifier inside the smart card. This ensures that the smart card becomes
entirely autonomous, which allows full realization of smart cards potential as
pervasive computing devices. Our verifier uses a specialized encoding and a
software cache with a variety of cache polices to adapt to the hardware
constraints of smart card. Our experimental results confirm the feasibility of
such a security system being implemented in a smart card.
- View the full text of this paper in HTML and PDF. Until December 2003, you will need your USENIX membership identification in order to access the full papers.
The Proceedings are published as a collective work, © 2002 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.