Abstract
User Centric Smart Card Ownership Model (UCOM) gives the ``freedom of choice'' of respective applications to the smart card users. The user-centric architecture requires a trusted entity to be present on the smart card to provide security assurance and validation to the requesting application providers. In this paper, we propose the inclusion of a trusted computing platform for smart cards that we refer as the Trusted Environment Execution Manager (TEM). This is followed by the rationale behind the changes to the traditional smart card architecture to accommodate the remote security assurance and validation mechanism. We propose an attestation protocol that provides an on-demand security validation of a smart card by its respective manufacturer. Finally, the attestation protocol is informally analysed, and its test implementation and performance measurements are presented.
| Original language | English |
|---|---|
| Title of host publication | International Conference on Information and Communications Security (ICICS 2013) |
| Editors | S. Qing |
| Place of Publication | Beijing, China |
| Publisher | Springer International Publishing AG |
| Pages | 151-166 |
| Number of pages | 16 |
| Publication status | Published - 20 Nov 2013 |
| Event | ICICS: International Conference on Information and Communications Security - Beijing, China Duration: 20 Nov 2013 → 22 Nov 2013 Conference number: 15th |
Conference
| Conference | ICICS |
|---|---|
| Abbreviated title | ICICS 2013 |
| Country/Territory | China |
| City | Beijing |
| Period | 20/11/13 → 22/11/13 |