摘要
随着现代生活中对于智能卡多应用需求的不断提升,Java Card得到了越来越广泛的使用。Java Card标准API的定义是将平台和应用开发进行了分离,使得开发应用更为便利。同时,Java Card提供的这种通用且开放的模式也使得Java Card API的安全性显得尤为重要。论文探讨了Java Card API的安全性测试方法,该方法提供了如何编写测试Applet,并通过修改测试Applet的Cap文件的方式,将修改后的Cap文件下载在智能卡中,从而达到非法获取智能卡中有效信息的攻击效果,以此来验证Java Card API的安全性。本文所提供的测试方法,可以有效地被利用在JavaCard API的安全性测试中。
With the increasing demand for smart card multi-application in modern life,Java Card has been used more and more widely.The definition of Java Card standard API separates the platform and application development,making theapplication development more convenient.This general and open mode provided by Java Card makes the security of Java Card API particularly important.This paper discusses the security testing method of Java Card API.This method provides how to write test Applet,and download the modified Cap files into smart cards by modifying the Cap files of test Applet,so as to achieve the attack effect of illegal access to effective information in smart card.The security of Java Card API is proved.The test method provided in this paper can be effectively used in the security test of JavaCard API.
作者
左捷
ZUO Jie(Shanghai Development Center of Computer Software Technology,Shanghai 201112,China;Shanghai Key Laboratory of Computer Software Testing & Evaluating,Shanghai 201112,China)
出处
《中国集成电路》
2019年第4期81-84,93,共5页
China lntegrated Circuit
基金
上海市科委项目(编号:18DZ2203700)资助