Java Card Virtual Machine Memory Organization: a Design Proposal

TL;DR

This paper proposes a detailed design for the memory organization of Java Card Virtual Machines to enhance security and standardization, based on analysis of existing tools and documentation.

Contribution

It provides a comprehensive approach to organizing JCVM memory, filling gaps in current implementations and aiding community efforts to improve Java Card security.

Findings

Identified key data requirements for JCVM memory

Proposed a standardized memory organization approach

Enhanced understanding of JCVM memory management

Abstract

The Java Card Virtual Machine (JCVM) platform is widely deployed on security-oriented components. JCVM implementations are mainly evaluated under security schemes. However, existing implementation are close-source without detail. We believe studying how to design JCVM will improve them and it can be reused by the community to improve Java Card security. In 2018, Bouffard et al. [6] introduced an Operating System (OS) which aims at running JCVM compatible implementation. This OS is compatible with several Commercially available Off-The-Shelf (COTS) components. This is a first step to design a secure JCVM platform. However, some important details are missing to design a secure-oriented Java Card platform. In this article, we focus on the JCVM memory. This memory contains everything required to run JCVM and applets. Currently, JCVM memory is out of the Java Card specification and each JCVM developer use his own approach. Based on the existing tools and documentation, we explain how to extract from the Java Card toolchain every data required by applets and JCVM. When data to store in memory are identified, this article introduces how to organize required data onto JCVM memory.