An implementation of secure flow type inference for a subset of Java

Download
Author
Akdemir, Ismail Okan
Date
1998-09Advisor
Volpano, Dennis
Second Reader
NA
Metadata
Show full item recordAbstract
Smart cards play an important role in a digital society. A smart card contains memory or an embedded microprocessor with the capability of enabling a wide variety of services, such as electronic cash in the case of memory cards and digital signature computation in the case of processor cards. A processor card can require a cardholder to authenticate herself in order to prevent others from using the card's services, from forging the cardholder's signature, for example. Authentication can be done by storing a personal identification number (PIN) or digitized fingerprint of the cardholder on the card itself. The PIN or fingerprint must always remain confidential no matter how the card is (ab)used. This thesis addresses the problem of preserving the privacy of information stored on smart cards. Volpano and Smith have developed a static analysis for analyzing source code for information flow violations. This technique is developed further here for a language called Java Card, in which smart card applications are written. A prototype analyzer is presented for a subset of Java Card and applied to a sample card application to demonstrate its utility in protecting private information stored on smart cards.
Collections
Related items
Showing items related by title, author, creator and subject.
-
The application of single-source shortest path algorithms to an OJSC contingency planning model and a vehicle routing model
Brown, Jerome W. Jr. (1987-03);This thesis investigates the use of" single-source shortest path algorithms in two unrelated contexts. In the first application, the label setting and label correcting algorithms are examined for applicability to and ... -
Software reliability model with optimal selection of failure data
Schneidewind, Norman F. (IEEE, 1993-11);In the use of software reliability models it is not necessarily the case that all the failure data should be used to estimate model parameters and to predict failures. The reason for this is that old data may not be as ... -
Graphical user interface design for NTCSSAM: shipboard administrative requirements
Graves, Thomas C. (Monterey, California. Naval Postgraduate School, 1995-03);Shipboard Naval Automated Data Processing (SNAP) is the U.S. Navy's administrative manager for surface ships. The Department of the Navy is developing a replacement system, Naval Tactical Command Support System Administrative ...