×

Application-binding protocol in the user centric smart card ownership model. (English) Zbl 1295.94005

Parampalli, Udaya (ed.) et al., Information security and privacy. 16th Australasian conference, ACISP 2011, Melbourne, Australia, July 11–13, 2011. Proceedings. Berlin: Springer (ISBN 978-3-642-22496-6/pbk). Lecture Notes in Computer Science 6812, 208-225 (2011).
Summary: The control of the application choice is delegated to the smart card users in the User Centric Smart Card Ownership Model (UCOM). There is no centralised authority that controls the card environment, and it is difficult to have implicit trust on applications installed on a smart card. The application sharing mechanism in smart cards facilitates corroborative and interrelated applications to co-exist and augment each other’s functionality. The already established application sharing mechanisms (e.g. in Java Card and Multos) do not fully satisfy the security requirements of the UCOM that require a security framework that provides runtime authentication, and verification of an application. Such a framework is the focus of this paper. To support the framework, we propose a protocol that is verified using CasperFDR. In addition, we implemented the protocol and provide a performance comparison with existing protocols.
For the entire collection see [Zbl 1217.94003].

MSC:

94A60 Cryptography
94A62 Authentication, digital signatures and secret sharing

Software:

Casper
PDFBibTeX XMLCite
Full Text: DOI