Application-Binding Protocol in the User Centric Smart Card Ownership Model

Raja Naeem Akram; Konstantinos Markantonakis; Keith Mayes

doi:10.1007/978-3-642-22497-3_14

Application-Binding Protocol in the User Centric Smart Card Ownership Model

Raja Naeem Akram, Konstantinos Markantonakis, Keith Mayes

Computing Science

Research output: Chapter in Book/Report/Conference proceeding › Published conference contribution

7 Citations (Scopus)

Abstract

The control of the application choice is delegated to the smart card users in the User Centric Smart Card Ownership Model (UCOM). There is no centralised authority that controls the card environment, and it is difficult to have implicit trust on applications installed on a smart card. The application sharing mechanism in smart cards facilitates corroborative and interrelated applications to co-exist and augment each other's functionality. The already established application sharing mechanisms (e.g. in Java Card and Multos) do not fully satisfy the security requirements of the UCOM. Therefore, the application sharing mechanism in the UCOM requires a security framework that provides runtime authentication, and verification of an application. Such a framework is the focus of this paper. To support the framework, we propose a protocol that is verified using CasperFDR. In addition, we implemented the protocol and provide a performance comparison with existing protocols.

Original language	English
Title of host publication	Australasian Conference on Information Security and Privacy (ACISP 2011)
Place of Publication	Melbourne, Australia
Publisher	Springer
Number of pages	18
DOIs	https://doi.org/10.1007/978-3-642-22497-3_14
Publication status	Published - 1 Jul 2011

Access to Document

10.1007/978-3-642-22497-3_14

Cite this

@inproceedings{ae698e5970cb40128d92b92584b8f54d,

title = "Application-Binding Protocol in the User Centric Smart Card Ownership Model",

abstract = "The control of the application choice is delegated to the smart card users in the User Centric Smart Card Ownership Model (UCOM). There is no centralised authority that controls the card environment, and it is difficult to have implicit trust on applications installed on a smart card. The application sharing mechanism in smart cards facilitates corroborative and interrelated applications to co-exist and augment each other's functionality. The already established application sharing mechanisms (e.g. in Java Card and Multos) do not fully satisfy the security requirements of the UCOM. Therefore, the application sharing mechanism in the UCOM requires a security framework that provides runtime authentication, and verification of an application. Such a framework is the focus of this paper. To support the framework, we propose a protocol that is verified using CasperFDR. In addition, we implemented the protocol and provide a performance comparison with existing protocols.",

author = "Akram, {Raja Naeem} and Konstantinos Markantonakis and Keith Mayes",

year = "2011",

month = jul,

day = "1",

doi = "10.1007/978-3-642-22497-3_14",

language = "English",

booktitle = "Australasian Conference on Information Security and Privacy (ACISP 2011)",

publisher = "Springer ",

}

TY - GEN

T1 - Application-Binding Protocol in the User Centric Smart Card Ownership Model

AU - Akram, Raja Naeem

AU - Markantonakis, Konstantinos

AU - Mayes, Keith

PY - 2011/7/1

Y1 - 2011/7/1

N2 - The control of the application choice is delegated to the smart card users in the User Centric Smart Card Ownership Model (UCOM). There is no centralised authority that controls the card environment, and it is difficult to have implicit trust on applications installed on a smart card. The application sharing mechanism in smart cards facilitates corroborative and interrelated applications to co-exist and augment each other's functionality. The already established application sharing mechanisms (e.g. in Java Card and Multos) do not fully satisfy the security requirements of the UCOM. Therefore, the application sharing mechanism in the UCOM requires a security framework that provides runtime authentication, and verification of an application. Such a framework is the focus of this paper. To support the framework, we propose a protocol that is verified using CasperFDR. In addition, we implemented the protocol and provide a performance comparison with existing protocols.

AB - The control of the application choice is delegated to the smart card users in the User Centric Smart Card Ownership Model (UCOM). There is no centralised authority that controls the card environment, and it is difficult to have implicit trust on applications installed on a smart card. The application sharing mechanism in smart cards facilitates corroborative and interrelated applications to co-exist and augment each other's functionality. The already established application sharing mechanisms (e.g. in Java Card and Multos) do not fully satisfy the security requirements of the UCOM. Therefore, the application sharing mechanism in the UCOM requires a security framework that provides runtime authentication, and verification of an application. Such a framework is the focus of this paper. To support the framework, we propose a protocol that is verified using CasperFDR. In addition, we implemented the protocol and provide a performance comparison with existing protocols.

U2 - 10.1007/978-3-642-22497-3_14

DO - 10.1007/978-3-642-22497-3_14

M3 - Published conference contribution

BT - Australasian Conference on Information Security and Privacy (ACISP 2011)

PB - Springer

CY - Melbourne, Australia

ER -

Application-Binding Protocol in the User Centric Smart Card Ownership Model

Abstract

Access to Document

Fingerprint

Cite this