A Smart Card Web Server in the Web of Things

  • Lazaros Kyrillidis
  • Sheila Cobourne
  • Keith Mayes
  • Konstantinos Markantonakis
Conference paper
Part of the Lecture Notes in Networks and Systems book series (LNNS, volume 16)


The establishment of the Internet of Things (IoT) is gathering pace. The “things” will be counted in their billions, however interoperability problems may compromise the interconnectivity aspect. Isolated “things” are common and often make use of proprietary communication and security protocols that have not been subject to public scrutiny. By contrast the World Wide Web has well established technology and protocols and so there is interest in the so-called Web of Things (WoT) that would allow the “things” to communicate using standard web protocols. However, with so many readily accessible nodes we considered that the WoT should be underpinned by attack/tamper-resistant security modules that are compatible with the WoT protocols. This paper considers the use of the Smart Card Web Server (SCWS) capability to practically secure the WoT. Finally, the use of a SCWS is extended to provide a means of secure, local Single Sign-On (SSO).


SCWS Smart Card Web Server IoT WoT 


  1. 1.
    Ashton, K.: That ‘Internet of Things’ thing, June 2009.
  2. 2.
    Gartner: The Internet of Things enables digital business.
  3. 3.
    Atzori, L., Iera, A., Morabito, G.: The Internet of Things: a survey. Comput. Netw. 54(15), 2787–2805 (2010)CrossRefzbMATHGoogle Scholar
  4. 4.
    Duquennoy, S., Grimaud, G., Vandewalle, J.-J.: The web of things: interconnecting devices with high usability and performance. In: International Conference on Embedded Software and Systems, ICESS 2009, pp. 323–330. IEEE (2009)Google Scholar
  5. 5.
    Guinard, D., Trifa, V.: Towards the web of things: web mashups for embedded devices. In: Proceedings of Workshop on Mashups, Enterprise Mashups and Lightweight Composition on the Web (MEM 2009), WWW (International World Wide Web Conferences), Madrid, Spain, p. 15 (2009)Google Scholar
  6. 6.
    Guinard, D., Trifa, V., Wilde, E.: A resource oriented architecture for the web of things. In: Internet of Things (IOT 2010), pp. 1–8. IEEE (2010)Google Scholar
  7. 7.
    Uckelmann, D., Harrison, M., Michahelles, F.: Architecting the Internet of Things, chap. 5, pp. 97–129. Springer Science & Business Media, New York (2011)Google Scholar
  8. 8.
    Zeng, D., Guo, S., Cheng, Z.: The web of things: a survey. J. Commun. 6(6), 424–438 (2011)CrossRefGoogle Scholar
  9. 9.
    Guinard, D., Trifa, V.M., Wilde, E.: Architecting a mashable open world wide web of things. ETH, Department of Computer Science (2010)Google Scholar
  10. 10.
    Trifa, V., Wieland, S., Guinard, D., Bohnert, T.M.: Design and implementation of a gateway for web-based interaction and management of embedded devices. In: DCOSS (2009)Google Scholar
  11. 11.
    Kovatsch, M., Weiss, M., Guinard, D.: Embedding internet technology for home automation. In: 2010 IEEE Conference on Emerging Technologies and Factory Automation (ETFA), pp. 1–8. IEEE (2010)Google Scholar
  12. 12.
    Ostermaier, B., Schlup, F., Romer, K.: Webplug: a framework for the web of things. In: 2010 8th IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), pp. 690–695. IEEE (2010)Google Scholar
  13. 13.
    Kyrillidis, L., Mayes, K., Chazalet, B., Markantonakis, K.: Card-present transactions on the internet using the smart card web server. In: 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 611–619. IEEE (2013)Google Scholar
  14. 14.
    OMA: Smartcard-Web-Server Approved Version 1.2.1 OMA-TS-Smartcard_Web_Server-V1_2_1-20130913-A, Open Mobile Alliance Std., 13 September 2013Google Scholar
  15. 15.
    ETSI TS 102 588 V9.1.0 (2011–01) Smart Cards; Application invocation Application Programming Interface (API) by a UICC webserver for Java Card platform; (Release 9), StdGoogle Scholar
  16. 16.
    Dierks, T.: The transport layer security (tls) protocol version 1.2 (2008)Google Scholar
  17. 17.
    ETSI TS 102 600 V7.2.0 (2008–06) Smart Cards; UICC-Terminal interface; Characteristics of the USB interface (Release 7), StdGoogle Scholar
  18. 18.
  19. 19.
  20. 20.
    Kerberos: The network authentication protocol.
  21. 21.
  22. 22.
    Tracking the freak attack.

Copyright information

© Springer International Publishing AG 2018

Authors and Affiliations

  • Lazaros Kyrillidis
    • 1
  • Sheila Cobourne
    • 1
  • Keith Mayes
    • 1
  • Konstantinos Markantonakis
    • 1
  1. 1.Information Security Group Royal Holloway, Smart Card CentreUniversity of LondonEgham, SurreyUK

Personalised recommendations