An implementation of secure flow type inference for a subset of Java

Abstract

Smart cards play an important role in a digital society. A smart card contains memory or an embedded microprocessor with the capability of enabling a wide variety of services, such as electronic cash in the case of memory cards and digital signature computation in the case of processor cards. A processor card can require a cardholder to authenticate herself in order to prevent others from using the card's services, from forging the cardholder's signature, for example. Authentication can be done by storing a personal identification number (PIN) or digitized fingerprint of the cardholder on the card itself. The PIN or fingerprint must always remain confidential no matter how the card is (ab)used. This thesis addresses the problem of preserving the privacy of information stored on smart cards. Volpano and Smith have developed a static analysis for analyzing source code for information flow violations. This technique is developed further here for a language called Java Card, in which smart card applications are written. A prototype analyzer is presented for a subset of Java Card and applied to a sample card application to demonstrate its utility in protecting private information stored on smart cards.