In the multiapplicative context of smart cards, a strict control of underlying information flow between applications is highly desired. In this paper we propose a model to improve information flow usability in such systems by limiting the overhead for adding information flow security to a Java Virtual Machine. We define a domain specific language for defining security policies describing the allowed information flow inside the card. The applications are certified at loading time with respect to information flow security policies. We illustrate our approach on the LoyaltyCard, a multiapplicative smart card involving four loyalty applications sharing fidelity points. © IFIP International Federation for Information Processing 2008.
CITATION STYLE
Ghindici, D., & Simplot-Ryl, I. (2008). On practical information flow policies for java-enabled multiapplication smart cards. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5189 LNCS, pp. 32–47). https://doi.org/10.1007/978-3-540-85893-5_3
Mendeley helps you to discover research relevant for your work.