Advertisement

Smartcard Firewalls Revisited

  • Henrich C. Pöhls
  • Joachim Posegga
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3928)

Abstract

Smartcards are being used as secure endpoints in computer transactions. Recently, the connectivity of smartcards has increased and future smartcards will be able to communicate over the TCP/IP protocol. In this work, we explore options for using a smartcard as an active node in a communication network rather than as an endpoint.

We envision in particular a proxy firewall running on a smartcard and combining the best of both worlds: the smartcard as a secure environment, and the proxy firewall for securing the network. Facilitating the various security options smartcards offer, we show how to design a secure network firewall on a smartcard. We illustrate the usefulness of such a device in several scenarios.

Keywords

Smart Card Virtual Private Network Intermediate System Concurrent Connection Java Card Platform 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Chen, Z.: Java Card Technology for Smart Cards: Architecture and Programmer’s Guide. Addison-Wesley, Reading (2000)Google Scholar
  2. 2.
    D-Link. Usb 2.0 fast ethernet adapter dub-e100, http://www.dlink.com/products/?model=DUB-E100
  3. 3.
    USB Implementers Forum. Universal serial bus class definitions for communication devices (January 1999), http://www.usb.org/developers/devclass_docs/usbcdc11.pdf
  4. 4.
    USB Implementers Forum. Universal serial bus communications class subclass specification for ethernet emulation model devices rev. 1.0 (February 2005)Google Scholar
  5. 5.
    Gemplus. Press release: Gemplus paves the way for future java card platform (June 2005), http://www.gemplus.com/press/archives/2005/rd/27-06-2005-javaone.html
  6. 6.
  7. 7.
    Guthery, S., Kehr, R., Posegga, J.: How to turn a GSM SIM into a web server. In: Domingo-Ferrer, J., Chan, D., Watson, A. (eds.) Proc. IFIP Fourth Working Conference on Smart Card Research and Applications (CARDIS 2000), Kluwer Academic Publishers, Dordrecht (2000)Google Scholar
  8. 8.
    Guthery, S., Kehr, R., Posegga, J., Vogt, H.: GSM SIMs as Web servers. In: Seventh Intern. Conf. on Intelligence in Services and Networks, Athens, Greece (Feburary 2000) (Short Paper)Google Scholar
  9. 9.
    Honeyman, P., Rees, J.: Webcard: a java card web server. In: Domingo-Ferrer, J., Chan, D., Watson, A. (eds.) Proc. IFIP Fourth Working Conference on Smart Card Research and Applications (CARDIS 2000), Kluwer Academic Publishers, Dordrecht (2000)Google Scholar
  10. 10.
  11. 11.
    Microsoft. Ndis - network driver interface specification, http://www.microsoft.com/whdc/device/network/ndis/default.mspx
  12. 12.
    Montgomery, M., Ali, A., Lu, K.: Secure network card – implementation of a standard network stack in a smart card. In: Proc. IFIP Fourth Working Conference on Smart Card Research and Applications (CARDIS 2000), Kluwer Academic Publishers, Dordrecht (2000)Google Scholar
  13. 13.
    Muller, C., Deschamps, E.: Smart cards as first-class network citizens. In: 4th Gemplus Developer Conference, Singapore (November 2002)Google Scholar
  14. 14.
    netfilter. website, http://www.netfilter.org
  15. 15.
    Rommel, K.U.: Netio - network throughput benchmark, version 1.14 (1997)Google Scholar
  16. 16.
  17. 17.
    Rubin, A.D., Cheswick, W.R., Bellovin, S.M. (eds.): Firewalls and Internet Security. Addison Wesley, Reading (2003)Google Scholar
  18. 18.
    ZyXEL. Datasheet: Zywall p1 (March 2005), ftp://ftp.zyxel.com/ZyWALLP1/document/ZyWALLP1v2.0Datasheet.pdf

Copyright information

© IFIP International Federation for Information Processing 2006

Authors and Affiliations

  • Henrich C. Pöhls
    • 1
  • Joachim Posegga
    • 1
  1. 1.FB Informatik, Sicherheit in Verteilten Systemen (SVS)Universität HamburgHamburg

Personalised recommendations