Applet Security    & Interoperability Services

We have developed a methodology and the associated tools to efficiently assess the security and interoperability of embedded Java applications.

Our state-of-the-art bytecode validation technology is used on both Java Card and J2ME/MIDP applications to automatically enforce issuer policies. These policies include various requirements, including safety, security, and portability rules, as well as issuer-specific rules.

Based on this technology and on our in-depth knowledge of embedded systems security, we offer three kinds of application evaluation services for Java Card and J2ME/MIDP:

Black-box evaluation

Based solely on the application's binary code, this evaluation is entirely automated. It can be included as part of an application provisioning process in order to check the implementation of issuer policies.

Grey-box evaluation

Also based on the application's binary code, this evaluation heavily relies on our validation technology, complemented by an audit of the code by an expert. It provides a cost-effective complete security evaluation.

White-box evaluation

Performed on an application's source code, this evaluation is the most complete available, and it mostly consists of an audit by an expert. It is normally used only for the most sensitive applications.

Next page :
References in Applet Security and Interoperability

Back to the top