Abstract
Smart cards are mostly deployed in security-critical environments in order to provide a secure and trusted access to the provisioned services. These services are delivered to a cardholder using the Service Provider's (SPs) applications on his or her smart card(s). These applications are at their most vulnerable state when they are executing. There exist a variety of runtime attacks that can circumvent the security checks implemented either by the respective application or the runtime environment to protect the smart card platform, user and/or application. In this paper, we discuss the Java Runtime Environment and a potential threat model based on runtime attacks. Subsequently, we discussed the counter-measures that can be deployed to provide a secure and reliable execution platform, along with an evaluation of their effectiveness, incurred performance-penalty and latency.
Original language | English |
---|---|
Title of host publication | European Symposium on Research in Computer Security (ESORICS 2015) |
Place of Publication | Vienna, Austria |
Publisher | Springer |
Number of pages | 20 |
ISBN (Electronic) | 978-3-319-24177-7 |
ISBN (Print) | 978-3-319-24176-0 |
DOIs | |
Publication status | Published - 18 Nov 2015 |
Keywords
- Smart Card
- Java Card
- Fault Attacks
- Combined Attacks
- Counter-Measures
- Java Runtime Environment