Recherche avancée

A Generic Approach for Protecting Java Card™ Smart Card Against Software Attacks Lien permanent vers ce document

Lien permanent vers ce document
Télécharger
Suivez ce document
Options d'export
Imprimer
Smart cards are the keystone of various applications which we daily use: pay money for travel, phone, etc. To improve the security of this device with a friendly development environment, the Java technology has been designed to be embedded in a smart card. Introduce in the mid-nineties, this technology becomes nowadays the leading application platform in the world. As a smart card embeds critical information, evil-minded people are interested to attack this device. In smart card domain, attacks and countermeasures are advancing at a fast rate. In order to have a generic view of all the attacks, we propose to use the Fault Tree Analysis. This method used in safety analysis helps to understand and implement all the desirable and undesirable events existing in this domain. We apply this method to Java Card vulnerability analysis. We define the properties that must be ensured: integrity and confidentiality of smart card data and code. During this thesis, we focused on the integrity property, especially on the code integrity. Indeed, a perturbation on this element can break each other properties. By modelling the conditions, we discovered new attack paths to get access to the smart card contents. We introduce new countermeasures to mitigate the undesirable events defined in the tree models. Créé par Bouffard Guillaume 5 févr. 2015 Version 0.1
Fichier Principal
2014LIMO0007.pdf 2 Mo
Télécharger
Tags associés

Cette instance de Nuxeo n'est pas enregistrée sur Nuxeo Connect: vous ne pourrez pas obtenir les derniers correctifs et garder votre application à jour.

Version de Nuxeo : 5.8. Inscrivez-vous à Nuxeo Connect et enregistrez votre instance pour bénéficier automatiquement de la maintenance.