×

Applet verification strategies for RAM-constrained devices. (English) Zbl 1028.68524

Lee, Pil Joong (ed.) et al., Information security and cryptology - ICISC 2002. 5th international conference, Seoul, Korea, November 28-29, 2002. Revised papers. Berlin: Springer. Lect. Notes Comput. Sci. 2587, 118-137 (2003).
Summary: While bringing considerable flexibility and extending the horizons of mobile computing, mobile code raises major security issues. Hence, mobile code, such as Java applets, needs to be analyzed before execution. The byte-code verifier checks low-level security properties that ensure that the downloaded code cannot bypass the virtual machine’s security mechanisms. One of the statically ensured properties is type safety. The type-inference phase is the overwhelming resource-consuming part of the verification process. This paper addresses the RAM bottleneck met while verifying mobile code in memory-constrained environments such as smart-cards. We propose to modify classic type-inference in a way that significantly reduces memory consumption. Our algorithm is inspired by bit-slice data processing and consists in running the verifier on each variable in turn. In other words, instead of running the fix-point calculation algorithm once on \(M\) variables, we re-launch the algorithm \(M/\ell\) times, verifying each time only \(\ell\) variables. Parameter \(\ell\) can then be tuned to suit the RAM resources available on board whereas \(M/\ell\) upper-bounds the computational effort (expressed in re-runs of the usual fix-point calculation algorithm). The resulting RAM economy, as experimented on a number of popular applets, is around 40%.
For the entire collection see [Zbl 1015.00034].

MSC:

68P25 Data encryption (aspects in computer science)
PDFBibTeX XMLCite
Full Text: Link