Malicious code on Java']Java Card smartcards: Attacks and countermeasures

被引:0
作者
Mostowski, Wojciech [1 ]
Poll, Erik [1 ]
机构
[1] Radboud Univ Nijmegen, Dept Comp Sci, Digital Secur DS Grp, NL-6525 ED Nijmegen, Netherlands
来源
SMART CARD RESEARCH AND ADVANCED APPLICATIONS, PROCEEDINGS | 2008年 / 5189卷
关键词
D O I
暂无
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
When it comes to security, an interesting difference between Java Card and regular Java is the absence of an on-card bytecode verifier on most Java Cards. In principle this opens up the possibility of malicious, ill-typed code as an avenue of attack, though the Java Card platform offers SOME: protection against this, notably by code signing. This paper gives an extensive overview of vulnerabilities and possible runtime countermeasures against ill-typed code, and describes results of experiments with attacking actual Java Cards currently on the market with malicious code.
引用
收藏
页码:1 / 16
页数:16
相关论文
共 11 条
  • [1] [Anonymous], 2003, INF SECUR B
  • [2] Beckert B, 2003, LECT NOTES COMPUT SC, V2621, P246
  • [3] Dietl W, 2005, LECT NOTES COMPUT SC, V3362, P129
  • [4] Using memory errors to attack a virtual machine
    Govindavajhala, S
    Appel, AW
    [J]. 2003 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 2003, : 154 - 165
  • [5] HUBBERS E, 2006, P E SMART 2006 SOPH
  • [6] MARCHE C, 2006, P SOFTW ENG FORM MET
  • [7] McGraw G., 1999, SECURING JAVA
  • [8] MONTGOMERY M, 1999, P USENIX WORKSH SMAR
  • [9] MOSTOWSKI W, 2007, ICISR07029 RADB U
  • [10] *SUN MICR INC, 2006, JAV CARD 2 2 2 RUNT
12