• Corpus ID: 239024605

Java Card Virtual Machine Memory Organization: a Design Proposal

  title={Java Card Virtual Machine Memory Organization: a Design Proposal},
  author={Guillaume Bouffard and Vincent Giraud and L'eo Gaspard},
The Java Card Virtual Machine (JCVM) platform is widely deployed on security-oriented components. JCVM implementations are mainly evaluated under security schemes. However, existing implementation are close-source without detail. We believe studying how to design JCVM will improve them and it can be reused by the community to improve Java Card security. In 2018, Bouffard et al. [6] introduced an Operating System (OS) which aims at running JCVM compatible implementation. This OS is compatible… 

Figures from this paper



Mitigating Type Confusion on Java Card

A framework based on annotations with an external pre-processing to switch the Java Card Virtual Machine (JCVM) into a secure mode by activating a set of countermeasures against type confusion with a fault attack is proposed.

Attacks on Java Card 3.0 Combining Fault and Logical Attacks

It is demonstrated that running ill-formed application does not necessarily mean loading and installing ill- formed application and a brand new kind of attack which combines fault injection and logical tampering is introduced which leads to the modification of any method already installed on the card into any malicious bytecode.

Hardening a Java Card Virtual Machine Implementation with the MPU

How the Memory Protection Unit (MPU) can be used to segregate each Java Card applet from the Operating System (OS) and device drivers is described.

Towards the Hardware Accelerated Defensive Virtual Machine - Type and Bound Protection

In this piece of work, designs for Java Card Virtual Machines are investigated in relation to their ability to perform run-time security checks, accelerated by hardware units and performed in parallel to CPU instructions that are executing concurrently.

Java Card Operand Stack: Fault Attacks, Combined Attacks and Countermeasures

This article explores the path by presenting both Fault Attacks and Combined Attacks taking advantage of an alteration of the operand stack, and provides experimental results proving the practical feasibility of these attacks and illustrating their efficiency.

Combined Software and Hardware Attacks on the Java Card Control Flow

Two attacks to modify the Java Card control flow and to execute the authors' own malicious byte code are described with the help of a laser beam.

Tampering with Java Card Exceptions - The Exception Proves the Rule

This article proposes several attacks against Java Card platforms based on both exception handling and exception throwing, and points out that a weakness known by the web-oriented Java community for more than a decade still passes the different steps of the state-of-the-art Java Card application deployment process.

Subverting Byte Code Linker service to characterize Java Card API

This work has developed and experimented on most of the Java Card publicly available this generic attack, and presents an example of virus using the result of this attack.

The ultimate control flow transfer in a Java based smart card

Java Card security , Software and Combined attacks

This paper presents software attacks with verified applets exploiting flaws in JCVM implementations and new techniques for combined attacks.