Application-Binding Protocol in the User Centric Smart Card Ownership Model

  • Raja Naeem Akram
  • Konstantinos Markantonakis
  • Keith Mayes
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6812)


In the User Centric Smart Card Ownership Model (UCOM), control over the choice of applications is delegated to the smart card users. There is no centralised authority that controls the card environment, and it is difficult to place implicit trust in applications installed on a smart card. The application sharing mechanism in smart cards allows corroborative and interrelated applications to co-exist and augment each other’s functionality. The established application sharing mechanisms (e.g. in Java Card and Multos) do not fully satisfy the security requirements of the UCOM, which call for a security framework that provides runtime authentication and verification of an application. Such a framework is the focus of this paper. To support the framework, we propose a protocol that is verified using CasperFDR. In addition, we implemented the protocol and provide a performance comparison with existing protocols.


Keywords: Smart Card, Server Application, Client Application, Trust Platform Module, Malicious User
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Raja Naeem Akram (1)
  • Konstantinos Markantonakis (1)
  • Keith Mayes (1)

  1. Information Security Group Smart Card Centre, Royal Holloway, University of London, Egham, United Kingdom
