Title :
A defensive Java Card virtual machine to thwart fault attacks by microarchitectural support
Author :
Lackner, Michael ; Berlach, Reinhard ; Hraschan, Michael ; Weiss, Rebecca ; Steger, Christian
Author_Institution :
Inst. for Tech. Inf., Graz Univ. of Technol., Graz, Austria
Abstract :
Java Cards, which are primarily used to store security-sensitive data, are employed in a wide range of applications, such as authentication and banking. Because these data must be protected against logical and fault attacks, static and runtime verification must be performed to assure the security of Java applets. Currently, this verification is performed in the software. Runtime verification for counteracting fault attacks is costly due to additional execution time and memory consumption. To circumvent the drawbacks of software verification, we propose incorporating a microarchitectural support of runtime verification directly into smart card hardware. These new hardware features enable a defensive virtual machine to counteract buffer overflow attacks, type confusion attacks, control flow attacks, and data integrity attacks. To measure the additional overhead of hardware and performance, the new microarchitectural security features are integrated into a smart card prototype on a field programmable gate array board.
Keywords :
Java; formal verification; operating systems (computers); security of data; software fault tolerance; virtual machines; Java applets security; defensive Java card virtual machine; memory consumption; microarchitectural support; runtime verification; security sensitive data; software verification; static verification; thwart fault attacks; time consumption; Acceleration; Hardware; Java; Runtime;
Conference_Titel :
Risks and Security of Internet and Systems (CRiSIS), 2013 International Conference on
Conference_Location :
La Rochelle
DOI :
10.1109/CRiSIS.2013.6766360
