CoCoon - Codesign for Countermeasures against Malicious Applications on Java Cards

The main idea in the CoCoon project is to activate Issuer Centric Ownership for Java Smart Cards. This means that everybody will have only one Smart Card which stores different applications for banking or transportation. A big security problem is that the user will be able to download Java Card applets from untrusted sources which could contain malicious Java bytecode. This can lead to the problem that one applet is able to read out or manipulate security relevant data from another applet. This can be a big security problem if you think of the case of changing the credit data of a financial applet. Another big problem is the fact that the Java Card is running in an unsecure environment which means that physical attacks can be performed on the card to provoke faults which could also lead to security threats.