Smart cards have been deployed as trusted components in a wide range of industries. The basis of the trust on a smart card platform and applications is static and evaluated before the card issuance to cardholders. A dynamic and post-issuance security assurance and validation mechanism can be useful, but it is not considered necessary in the Issuer Centric Smart Card Ownership Model. However, in an open and dynamic smart card environment like the User Centric Smart Card Ownership Model, it is essential to have a mechanism that on request could provide assurance and validation of the implemented and evaluated security mechanisms. Such a framework is the focus of this paper.
|Title of host publication||IFIP International Information Security Conference (IFIP SEC 2010)|
|Subtitle of host publication||Security and Privacy – Silver Linings in the Cloud|
|Place of Publication||Brisbane, Australia|
|Number of pages||11|
|Publication status||Published - 1 Sep 2010|