Skip to Main content Skip to Navigation

A Generic Approach for Protecting Java Card™ Smart Card Against Software Attacks

Abstract : Smart cards are the keystone of various applications which we daily use: pay money for travel, phone, etc. To improve the security of this device with a friendly development environment, the Java technology has been designed to be embedded in a smart card. Introduce in the mid-nineties, this technology becomes nowadays the leading application platform in the world. As a smart card embeds critical information, evil-minded people are interested to attack this device. In smart card domain, attacks and countermeasures are advancing at a fast rate. In order to have a generic view of all the attacks, we propose to use the Fault Tree Analysis. This method used in safety analysis helps to understand and implement all the desirable and undesirable events existing in this domain. We apply this method to Java Card vulnerability analysis. We define the properties that must be ensured: integrity and confidentiality of smart card data and code. During this thesis, we focused on the integrity property, especially on the code integrity. Indeed, a perturbation on this element can break each other properties. By modelling the conditions, we discovered new attack paths to get access to the smart card contents. We introduce new countermeasures to mitigate the undesirable events defined in the tree models.
Document type :
Complete list of metadata

Cited literature [130 references]  Display  Hide  Download
Contributor : ABES STAR :  Contact
Submitted on : Tuesday, December 2, 2014 - 10:01:56 AM
Last modification on : Wednesday, December 22, 2021 - 11:58:02 AM
Long-term archiving on: : Tuesday, March 3, 2015 - 10:41:38 AM


Version validated by the jury (STAR)


  • HAL Id : tel-01089654, version 1



Guillaume Bouffard. A Generic Approach for Protecting Java Card™ Smart Card Against Software Attacks. Electronics. Université de Limoges, 2014. English. ⟨NNT : 2014LIMO0007⟩. ⟨tel-01089654⟩



Record views


Files downloads