424 research outputs found

    Flow logic for language-based safety and security

    Mobile Resource Guarantees for Smart Devices

    Abstract. We present the Mobile Resource Guarantees framework: a system for ensuring that downloaded programs are free from run-time violations of resource bounds. Certificates are attached to code in the form of efficiently checkable proofs of resource bounds; in contrast to cryptographic certificates of code origin, these are independent of trust networks. A novel programming language with resource constraints encoded in function types is used to streamline the generation of proofs of resource usage.

    Combined Software and Hardware Attacks on the Java Card Control Flow

    Part 7: Java Card Security. International audience. The Java Card uses two components to ensure the security of its model. On the one hand, the byte code verifier (BCV) checks, during an applet installation, if the Java Card security model is ensured. This mechanism may not be present in the card. On the other hand, the firewall dynamically checks if there is no illegal access. This paper describes two attacks to modify the Java Card control flow and to execute our own malicious byte code. In the first attack, we use a card without embedded security verifier and we show how it is simple to change the return address of a current function. In the second attack, we consider the hypothesis that the card embeds a partial implementation of a BCV. With the help of a laser beam, we are able to change the execution flow

    Towards an embedded real-time Java virtual machine

    Most computers today are embedded, i.e. they are built into some product or system that is not perceived as a computer. It is highly desirable to use modern safe object-oriented software techniques for a rapid development of reliable systems. However, languages and run-time platforms for embedded systems have not kept up with the front line of language development. Reasons include complex and, in some cases, contradictory requirements on timing, concurrency, predictability, safety, and flexibility. A carefully tailored Java virtual machine (called IVM) is proposed as an approach to overcome these difficulties. In particular, real-time garbage collection has been considered an essential part. The set of bytecodes has been revised to require less memory and to facilitate predictable execution. To further reduce the memory footprint, the class loader can be located outside the embedded processor. Since the accomplished concurrency is crucial for the function of many embedded applications, the scheduling can be defined on the application level in Java. Finally, considering future needs for flexibility and on-line configuration of embedded systems, the IVM has a unique structure with which, for instance, methods are objects that can be replaced and GCed. The approach has been experimentally verified by a full prototype implementation of such a virtual machine. By making the prototype available for development of real products, this in turn has confronted the solutions with real industrial demands. It was found that the IVM can be easily integrated in typical systems today and the mentioned requirements are fulfilled. Based on experiences from more than 10 projects utilising the novel Java-oriented techniques, there are reasons to believe that the proposed approach is very promising for future flexible embedded systems.

    Robots and Art: Interactive Art and Robotics Education Program in the Humanities

    The 3rd AAU Workshop on Robotics: Proceedings

    Instrumentation of the da Vinci Robotic Surgical System

    Safety Critical Java for Robotics Programming

    An Asymmetric Fingerprint Matching Algorithm for Java Card

    A novel fingerprint matching algorithm is proposed in this paper. The algorithm is based on the minutiae local structures, which are invariant with respect to global transformations like translation and rotation. The match algorithm has been implemented inside a smartcard over the Java Card™ platform, meeting the individual's need for information privacy and the overall authentication procedure security, since the card owner's biometric template never leaves the private support device and the match is computed inside a secure environment. The main characteristic of the algorithm is to have an asymmetric behaviour between correct positive matches (between two same fingerprint samples) and correct negative matches (between two different fingerprint images): in the first case, the match procedure stops as it finds that images belong to the same fingerprint, gaining high speed efficiency, while in the second case the verification process lasts longer, exploring all the minutiae pairings. The performances in terms of authentication reliability and speed have been tested on the databases from the Fingerprint Verification Competition 2002 edition (FVC2002) by taking into account the different hardware to run the algorithms. Moreover, our procedure has shown better reliability results when compared on a common database with a related algorithm developed specifically for Java Card™.