Open multi-application smart cards that allow post-issuance evolution (i.e. loading of new applets) are very attractive for both smart card developers and card users. Since these applications contain sensitive data and can exchange information, a major concern is the assurance that these applications will not exchange data unless permitted by their respective policies. We suggest an approach for load time application certification on the card, that will enable the card to make autonomous decisions on application and policy updates while ensuring the compliance of every change of the platform with the security policy of each application’s owner. Information Security Technology for Applications Information Security Technology for Applications Look Inside Share Share this content on Facebook Share this content on Twitter Share this content on LinkedIn Other actions Export citations About this Book
Java Card Architecture for Autonomous Yet Secure Evolution of Smart Cards Applications
Gadyatskaya, Olga;Massacci, Fabio;Paci, Federica;
2012-01-01
Abstract
Open multi-application smart cards that allow post-issuance evolution (i.e. loading of new applets) are very attractive for both smart card developers and card users. Since these applications contain sensitive data and can exchange information, a major concern is the assurance that these applications will not exchange data unless permitted by their respective policies. We suggest an approach for load time application certification on the card, that will enable the card to make autonomous decisions on application and policy updates while ensuring the compliance of every change of the platform with the security policy of each application’s owner. Information Security Technology for Applications Information Security Technology for Applications Look Inside Share Share this content on Facebook Share this content on Twitter Share this content on LinkedIn Other actions Export citations About this BookI documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione