JCSI / Wiki / Home

Home

Authors:

Welcome to your wiki!

This is the default page, edit it as you see fit. To add a new page simply reference it within brackets, e.g.: [SamplePage].

The wiki uses Markdown syntax.

Project Members:

Paolo Masci (admin)

Discussion

Paolo Masci - 2013-06-26

JCSI: A Tool for Checking Secure Information Flow in Java Card Applications

JCSI is a prototype tool for the analysis and visualisation of Java Card CAP files. The analysis method implemented in the tool is based on the theory of abstract interpretation and a multi-level security policy assignment. Actual values of variables are abstracted into security levels, and bytecode instructions are executed over an abstract domain. The tool can be used for discovering security issues due to explicit or implicit information flows and for checking security properties of Java Card applications downloaded from untrusted sources.

Reference Publications

JCSI: A Tool for Checking Secure Information Flow in Java Card Applications.
M. Avvenuti, C. Bernardeschi, N. De Francesco, P. Masci
In Journal of Systems & Software, 85(11), pp. 2479-2493, 2012, ISSN 0164-1212.

Downloads

User manual
Pacap example
Pre-compiled JCSI (ver.1.2

Screenshots

Last edit: Paolo Masci 2013-06-26

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.