Résumé:
Smart cards have been in use since the early seventies, and their
applications have
evolved as a result of technological advances. JavaCards are a class
of
smart cards
that have a special Java Virtual Machine (JCVM, for JavaCard Virtual
Machine) embedded.
The range of applications varies from healthcare or digital wallets to
loyalty programs
or access control. As the JavaCard technology spreads, new applicative
areas for
JavaCards (and smart cards in general) are considered.
JavaCards allow more than one application (called Applets) to coexist in them. This makes them very attractive, as the user can have, for example, a banking application, an e-wallet and his driving license in the same card.
When an applet is installed, it is given an AID (Applet Identifier) which is unique. When a company wants to deploy an applet, it must obtain an AID for it from the ISO. In the card, applets exist in Applet Contexts, which are isolated object spaces where all the objects of a certain package coexist. The JavaCard Runtime Environment (JCRE) enforces the object space isolation by means of the Applet Firewall. The firewall prevents objects in a certain context from directly accessing objects in another context. The JavaCard Specification 2.1 provides applet developers with a way to share data and services between applets. This is called object sharing.
In our work, we put forward a methodology for secure object sharing on the JavaCard platform. Our proposal is inspired by the work of Montgomery and Krishna, from Schlumberger. That work is concerned with object sharing and proposes an approach to solve some of the problems that arise in the object sharing model proposed in the JavaCard 2.1 Specification. Their work suggests some modifications to the JCRE specification as a possible solution to those problems. We base our approach on a methodology rather than on changes to the specification.
Retour au sommaire / Back to schedule