Verified bytecode verifiers
Using the theorem prover Isabelle/HOL we have formalized and proved correct an
executable bytecode verifier in the style of Kildall's algorithm for a significant subset of the …
Multiapplication smart card: Towards an open smart card?
D Sauveron - Information security technical report, 2009 - Elsevier
Smart cards were invented four decades ago so as to keep data secret and to process it
secretly. Even though their main goals are still the same today, the smart cards have been …
A paradigm shift in smart card ownership model
Smart cards have been proliferated into many aspects of modern life. Historically, the
ownership of smart cards has remained with the smart card issuers. Although this ownership …
[Book][B] A machine-checked, type-safe model of Java concurrency: language, virtual machine, memory model, and verified compiler
A Lochbihler - 2014 - books.google.com
The Java programming language provides safety and security guarantees such as type
safety and its security architecture. They distinguish it from other mainstream programming …
Using Coq to Verify Java CardTM Applet Isolation Properties
This paper reports on the use of the Coq proof assistant for the formal verification of applet
isolation properties in Java Card technology. We focus on the confidentiality property. We …
Operational semantics of the java card virtual machine
IA Siveroni - The Journal of Logic and Algebraic Programming, 2004 - Elsevier
We present the operational semantics of Carmel, a language that models the Java Card
Virtual Machine Language. We define a small-step relation between program configurations …
Efficient reasoning about executable specifications in Coq
We describe a package to reason efficiently about executable specifications in Coq. The
package provides a command for synthesizing a customized induction principle for a …
Application management framework in user centric smart card ownership model
The predominant smart card ownership model is issuer centric, and it has played a vital
role in the proliferation of the technology. However, recent developments of multi-application …
Abstractions for fault-tolerant distributed system verification
Four kinds of abstraction for the design and analysis of fault-tolerant distributed systems are
discussed. These abstractions concern system messages, faults, fault-masking voting, and …
Validation of the JavaCard platform with implicit induction techniques
The bytecode verifier (BCV), which performs a static analysis to reject potentially insecure
programs, is a key security function of the Java (Card) platform. Over the last few years there …
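The first entry (an executable verifier in the style of Kildall's algorithm) and this last one (the BCV as a static analysis that rejects insecure programs) both refer to the same mechanism without showing it. As an added example, this editor's own code rather than anything from the listed papers, here is a Kildall-style worklist verifier for a toy stack bytecode. The instruction set, the type names (`int`, `ref`, `top`) and the sample programs are all constructed for illustration and do not correspond to Java Card bytecode. It propagates abstract operand-stack types to a fixpoint, joins them at control-flow merge points, and rejects stack underflow, inconsistent stack depth at a join, and arithmetic on a value whose type became unusable after a merge.

```python
"""Kildall-style dataflow verifier for a toy stack bytecode (added example)."""
from collections import deque

TOP = "top"  # join of two different types: a value is present but unusable


def join_type(a, b):
    """Least upper bound of two abstract types in the flat lattice {int, ref} < top."""
    return a if a == b else TOP


def transfer(instr, stack):
    """Abstract effect of one instruction on a stack (tuple) of type names.

    Returns the out-stack; raises ValueError on any typing-rule violation.
    The opcodes and their rules are this example's own invention."""
    op, *args = instr
    if op in ("push_int", "push_ref"):
        return stack + (op[5:],)          # "push_int" -> "int", "push_ref" -> "ref"
    if op == "pop":
        if not stack:
            raise ValueError("pop: stack underflow")
        return stack[:-1]
    if op == "dup":
        if not stack:
            raise ValueError("dup: stack underflow")
        return stack + (stack[-1],)
    if op == "add":
        if len(stack) < 2:
            raise ValueError("add: stack underflow")
        if stack[-2:] != ("int", "int"):  # a TOP operand is rejected here too
            raise ValueError(f"add: expected int,int got {stack[-2:]}")
        return stack[:-2] + ("int",)
    if op == "ifeq":
        if not stack or stack[-1] != "int":
            raise ValueError("ifeq: expected int on top")
        return stack[:-1]
    if op in ("goto", "return"):
        return stack
    raise ValueError(f"unknown opcode {op}")


def successors(pc, instr):
    """Control-flow successors of the instruction at pc."""
    op, *args = instr
    if op == "return":
        return []
    if op == "goto":
        return [args[0]]
    if op == "ifeq":
        return [pc + 1, args[0]]
    return [pc + 1]


def verify(program):
    """Kildall's worklist algorithm over abstract operand stacks.

    Returns (True, states) when every reachable instruction type-checks,
    where states[pc] is the in-stack at pc (None if unreachable), or
    (False, reason) naming the first violation found."""
    n = len(program)
    states = [None] * n      # None = not reached yet
    states[0] = ()           # method entry: empty operand stack
    worklist = deque([0])
    while worklist:
        pc = worklist.popleft()
        try:
            out = transfer(program[pc], states[pc])
        except ValueError as e:
            return False, f"pc {pc}: {e}"
        for succ in successors(pc, program[pc]):
            if not 0 <= succ < n:
                return False, f"pc {pc}: jump target {succ} out of range"
            old = states[succ]
            if old is None:
                new = out
            elif len(old) != len(out):
                return False, f"pc {succ}: inconsistent stack depth {len(old)} vs {len(out)}"
            else:
                new = tuple(join_type(a, b) for a, b in zip(old, out))
            if new != old:               # state grew: re-propagate from succ
                states[succ] = new
                worklist.append(succ)
    return True, states


# Constructed sample programs (not taken from any paper).
OK_PROGRAM = [
    ("push_int",), ("ifeq", 4), ("push_int",), ("goto", 5),
    ("push_int",), ("push_int",), ("add",), ("return",),
]
# Two paths reach pc 5 with different element types; the join yields TOP,
# and the later add on TOP is rejected.
TYPE_CONFUSION = [
    ("push_int",), ("ifeq", 4), ("push_int",), ("goto", 5),
    ("push_ref",), ("push_int",), ("add",), ("return",),
]
UNDERFLOW = [("pop",), ("return",)]
# pc 3 is reached with an empty stack from the branch and a one-element stack
# from the fall-through path.
DEPTH_MISMATCH = [("push_int",), ("ifeq", 3), ("push_int",), ("return",)]

if __name__ == "__main__":
    for name, prog in [("ok", OK_PROGRAM), ("type_confusion", TYPE_CONFUSION),
                       ("underflow", UNDERFLOW), ("depth_mismatch", DEPTH_MISMATCH)]:
        print(name, verify(prog)[0], verify(prog)[1] if not verify(prog)[0] else "")
```

The join at pc 5 in `TYPE_CONFUSION` is where the security property lives: without merging to an unusable type, an attacker-controlled branch could make the same stack slot an integer on one path and a reference on the other, and `add` would then turn a reference into a forgeable integer. A proof that a verifier of this shape is sound (as in the Isabelle/HOL work above) amounts to showing that every state reached at run time is approximated by `states[pc]`.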