An implementation of secure flow type inference for a subset of Java
Loading...
Authors
Akdemir, Ismail Okan
Subjects
NA
Advisors
Volpano, Dennis
Date of Issue
1998-09
Date
Publisher
Monterey, California. Naval Postgraduate School
Language
en_US
Abstract
Smart cards play an important role in a digital society. A smart card contains memory or an embedded microprocessor with the capability of enabling a wide variety of services, such as electronic cash in the case of memory cards and digital signature computation in the case of processor cards. A processor card can require a cardholder to authenticate herself in order to prevent others from using the card's services, from forging the cardholder's signature, for example. Authentication can be done by storing a personal identification number (PIN) or digitized fingerprint of the cardholder on the card itself. The PIN or fingerprint must always remain confidential no matter how the card is (ab)used. This thesis addresses the problem of preserving the privacy of information stored on smart cards. Volpano and Smith have developed a static analysis for analyzing source code for information flow violations. This technique is developed further here for a language called Java Card, in which smart card applications are written. A prototype analyzer is presented for a subset of Java Card and applied to a sample card application to demonstrate its utility in protecting private information stored on smart cards.
Type
Thesis
Description
Series/Report No
Department
Computer Science
Organization
Identifiers
NPS Report Number
Sponsors
Funding
Format
xii, 37 p.;28 cm.
Citation
Distribution Statement
Approved for public release; distribution is unlimited.