Java智能卡的安全漏洞分析与防御

Analysis and Defense of Security Breaches of Java Smart Card

下载PDF

导出

摘要智能卡由于自身较高的安全特性和易携带等优点,使其成为人们生活中被广泛使用的工具。Java智能卡凭借技术优势更是受到社会青睐。智能卡通常携带个人私密信息和重要数据,使之受到来自多方面的威胁。对Java智能卡的安全研究有助于提高卡内虚拟机的安全性。本文详细阐述JCVM(Java Card Virtual Machine)存在的安全漏洞,给出实际的病毒代码,深入分析并找出漏洞存在的根本原因,在研究学习前人的基础之上并结合实际给出对应的防御措施。 Smart cards because of its own higher security characteristic and advantage of easy to carry,etc,make it become the widely use tool in our live.Java smart card relies on its technology advantage but also favored by society.The personal confidential information and important data which smart cards usually carrying make it suffer some threads come from various aspects.For the study of the security of Java smart card help to improve the safety of the virtual machine inside card.The paper expounds the existing JCVM security vulnerabilities,presents the practical virus codes,with the thorough analysis and finds out the root cause of the vulnerabilities existing,in the study on the basis of predecessors and actually gives the corresponding defense measures.

作者毛永华李代平余成锋李文强

机构地区广东工业大学计算机学院

出处《计算机与现代化》 2012年第10期99-101,124,共4页 Computer and Modernization

关键词逻辑攻击类型迷惑对象重构 JCVM logical attacks type confusion object reconstruction JCVM

分类号 TP309 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献14

1Sun Microsystems, Inc. Virtual Machine Specification Java Card Platform, Version 2.2. I[Z]. 2003.
2Guillaume Bouffard, Jean-Louis I_anet. The next smart card nightmare logical attacks, combined attacks, mutant appli- cations and other funny things[ C ]//LNCS. 2012:405-424.
3Sun Microsystems, Inc. Runtime Environment Specification Java CardTM Platform, Version 2.2.1 [ Z]. 2003.
4Wojciech Mostowski, Erik Poll. Malicious code on Java card smartcards : Attacks and countermeasures [ C ]//Pro- ceedings of the 8th IFIP WG 8.8/11.2 International Con- ference on Smart Card Research and Advanced Applica- tions. 2008 : 1-16.
5Beckert B, Mostowski W. A program logic for handling Ja- va card' s transaction mechanism [ C ]//Proceedings of the 6th International Conference on Fundamental Approaches to Software Engineering. 2003: 246-260.
6Marche C, Rousset, N. Verification of Java card applets behavior with respect to transactions and card tears [ C ]// Proceedings of the Fourth IEEE International Conference on Software En-neering and Formal Methods. 2006 : 137-146.
7Hubbers E, Mostowski W, Poll E. Tearing Java cards [ C]//Proceedings, E-Smart. 2006:20-22.
8Ahmadou A1 Khary S-r6, Jltlien Iguchi-Cartigny, Jean-Louis Lanet. Checking the paths to identify mutant application on embedded systems[ C]//LNCS. 2010:459-468.
9Guillaume Barbu, Guillaume Due, Philippe Hoogvorst. Ja-va card operand stack : Fault attacks, combined attacks and countermeasures [ C ]//LNCS. 2011 : 297-313.
10Guillaume Barbu, Philippe Hoogvorst, Guillaume Duc. Application-replay attack on Java eards: When the garbagecollector gets confused[ C]//LNCS. 2012 : 1-13.

1鲁川,张立臣.Java智能卡内存调度机制研究与分析[J].计算机应用与软件,2013,30(9):290-292.
2何利明,李代平,徐宏宁,谢晶晶,马海峰.JCVM中栈与帧的研究和设计[J].微型机与应用,2011,30(7):4-6.
3林渡,朱德恒,李福祺.基于对象重构的变压器诊断专家系统[J].高电压技术,2002,28(8):1-3. 被引量：2
4李彦超,吕丽民,胡新建.Java卡关键技术的研究及实现[J].计算机应用,2006,26(3):742-745.
5张大伟,张其善.JCVM异常处理机制[J].计算机工程,2003,29(14):24-26.
6常青,靳伟,李春龙,张其善.JCVM解析优化设计与实现[J].北京航空航天大学学报,2004,30(12):1204-1207. 被引量：3
7唐小勇,羊性滋.应用于智能卡的Java嵌入式微处理器核的设计[J].微电子学,2000,30(6):382-386. 被引量：2
8曹晓,李莹.基于反馈的JCVM指令预调度方案[J].计算机工程,2014,40(1):78-82. 被引量：1
9张建杰,杨之廉,葛元庆.JAVA智能卡微处理器的设计与验证[J].清华大学学报（自然科学版）,2002,42(1):104-107. 被引量：1
10吴俊军,郭建平.基于缓存的JCVM性能优化方法研究[J].计算机工程与科学,2010,32(3):141-143. 被引量：1

计算机与现代化

2012年第10期

浏览历史

内容加载中请稍等...

Java智能卡的安全漏洞分析与防御

参考文献14

相关作者

相关机构

相关主题

浏览历史