Application-Binding Protocol in the User Centric Smart Card Ownership Model

  • Conference paper
Information Security and Privacy (ACISP 2011)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 6812)

Abstract

In the User Centric Smart Card Ownership Model (UCOM), control of the application choice is delegated to the smart card users. There is no centralised authority that controls the card environment, and it is difficult to have implicit trust in applications installed on a smart card. The application sharing mechanism in smart cards facilitates corroborative and interrelated applications to co-exist and augment each other’s functionality. The already established application sharing mechanisms (e.g. in Java Card and Multos) do not fully satisfy the security requirements of the UCOM, which require a security framework that provides runtime authentication and verification of an application. Such a framework is the focus of this paper. To support the framework, we propose a protocol that is verified using CasperFDR. In addition, we implemented the protocol and provide a performance comparison with existing protocols.



Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Akram, R.N., Markantonakis, K., Mayes, K. (2011). Application-Binding Protocol in the User Centric Smart Card Ownership Model. In: Parampalli, U., Hawkes, P. (eds) Information Security and Privacy. ACISP 2011. Lecture Notes in Computer Science, vol 6812. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22497-3_14

  • DOI: https://doi.org/10.1007/978-3-642-22497-3_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22496-6

  • Online ISBN: 978-3-642-22497-3

  • eBook Packages: Computer Science (R0)
