Skip to main content
SpringerLink
Log in

A Method for Secure Smartcard Applications

  • Conference paper
  • First Online:
Algebraic Methodology and Software Technology (AMAST 2002)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2422))

Abstract

We have presented a method for the formal development of secure smartcard applications. The method combines and integrates different techniques (with algebraic specifications at the core) to tackle the different problems: objects and distributed systems, attackers and cryptographic protocols, JavaCard programs and limited resources. The techniques include UML models enriched by algebraic specifications, and dynamic logic for JavaCard verification. The method is tailored to take advantage of the special features of smartcard scenarios, and to make proving securityand correctness as easy as possible. The method is illustrated with a small but surprisinglyco mplex example, a copy card. The approach is implemented in the KIV specification and verification system.

http://www.informatik.uni-augsburg.de/swt/fmg/

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. J. Alves-Foss, editor. Formal Syntax and Semantics of Java. Springer LNCS 1523, 1999.

    Google Scholar 

  2. R. Anderson and R. Needham. Programming satan’s computer. In J. van Leeuwen, editor, Computer Science Today: Recent Trends and Developments. Springer LNCS 1000, 1995.

    Google Scholar 

  3. M. Balser, W. Reif, G. Schellhorn, K. Stenzel, and A. Thums. Formal system development with KIV. In T. Maibaum, editor, Fundamental Approaches to Software Engineering, number 1783 in LNCS. Springer, 2000.

    Chapter  Google Scholar 

  4. B. Beckert. A dynamic logic for the formal verification of java card programs. In I. Attali and T. Jensen, editors, Java on Smart Cards. Springer LNCS 2041, 2000.

    Google Scholar 

  5. M. Burrows, M. Abadi, and R. Needham. A logic of authentication. Technical report, SRC Research Report 39, 1989.

    Google Scholar 

  6. CoFI: The Common Framework Initiative. Casl—the CoFI algebraic specification language tentative design: Language summary, 1997. http://www.brics.dk/Projects/CoFI.

  7. R. Eshuis and R. Wieringa. A formal semantics for uml activity diagrams—formalising workflow models. Technical report, University of Twente, February 2001. http://wwwhome.cs.utwente.nl/~eshuis/adsem.pdf.

  8. D. Harel. First Order Dynamic Logic. LNCS 68. Springer, Berlin, 1979.

    MATH  Google Scholar 

  9. International Standards Organization, Geneva. ISO 7816—Identification Cards—Integrated cicuit(s) cards with contacts. several parts, 1987–1997.

    Google Scholar 

  10. Lawrence C. Paulson. The inductive approach to verifying cryptographic protocols. Journal of Computer Security, 6:85–128, 1998.

    Google Scholar 

  11. G. Reggio, M. Cerioli, and E. Astesiano. An Algebraic Semantics of UML Supporting its Multiview Approach. In Proc. AMiLP 2000 of the Twente Workshop on Language Technology n. 16, Enschede, University of Twente, 2000.

    Google Scholar 

  12. W. Reif. The KIV-approach to Software Verification. In M. Broy and S. Jähnichen, editors, KORSO: Methods, Languages, and Tools for the Construction of Correct Software—Final Report, LNCS 1009. Springer, Berlin, 1995.

    Chapter  Google Scholar 

  13. G. Schellhorn, W. Reif, A. Schairer, P. Karger, V. Austel, and D. Toll. Verification of a formal security model for multiapplicative smart cards. In Proc. of the 6 th European Symposium on Research in Computer Security (ESORICS), LNCS 1895, pages 17–36. Springer, 2000.

    Google Scholar 

  14. Kurt Stenzel. Verification of JavaCard Programs. Technical report 2001-5, Institut für Informatik, Universität Augsburg, Germany, 2001. Available at http://www.Informatik.Uni-Augsburg.DE/swt/fmg/papers/.

  15. The Object Management Group (OMG). OMG Unified Modeling Language Specification, 1999. http://www.omg.org/technology/uml.

  16. David von Oheimb. Axiomatic semantics for Javalight in Isabelle/HOL. In S. Drossopoulou, S. Eisenbach, B. Jacobs, G. T. Leavens, P. Müller, and A. Poetzsch-Heffter, editors, Formal Techniques for Java Programs. Technical Report 269, 5/2000, Fernuniversität Hagen, Fernuniversität Hagen, 2000.

    Google Scholar 

  17. Benkt Wangler and Lars Bergman, editors. An Overview of RoZ: A Tool for Integrating UML and Z Specifications, volume 1789 of Lecture Notes in Computer Science. Springer, 2000.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Lehrstuhl für Softwaretechnik und Programmiersprachen Institut für Informatik, Universität Augsburg, 86135, Augsburg, Germany

    Dominik Haneberg, Wolfgang Reif & Kurt Stenzel

Authors
  1. Dominik Haneberg
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Wolfgang Reif
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kurt Stenzel
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. LORIA - CNRS & INRIA, Campus Scientifique, Bâtiment LORIA, BP 239, 54506, Vandoeuvre-lès-Nancy, France

    Hélène Kirchner

  2. LORIA - INRIA, 615, rue du Jardin Botanique, 54602, Villers-lès-Nancy, France

    Christophe Ringeissen

Rights and permissions

Reprints and permissions

Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Haneberg, D., Reif, W., Stenzel, K. (2002). A Method for Secure Smartcard Applications. In: Kirchner, H., Ringeissen, C. (eds) Algebraic Methodology and Software Technology. AMAST 2002. Lecture Notes in Computer Science, vol 2422. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45719-4_22

Download citation

  • DOI: https://doi.org/10.1007/3-540-45719-4_22

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44144-1

  • Online ISBN: 978-3-540-45719-0

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation