Abstract
A threat analysis framework and methodology was developed by the authors to catalogue threats, vulnerabilities, attacks and countermeasures for smart cards (contact and contactless) and wireless sensor network node technologies. The goal of this research was to determine “Security Lessons” learned from the world of smart cards that may be applied to wireless sensor network nodes and vice versa.
Chapter PDF
Similar content being viewed by others
References
Low-Rate Wireless Personal Area Networks: Enabling Wireless Sensors with IEEE 802.15.4 (Second Edition), http://shop.ieee.org/ieeestore/Product.aspx?product_no=SP1150
Common Criteria website: http://www.commoncriteriaportal.org
Smart Card Security User Group Smart Card Protection Profile (SCSUG-SCPP) Version 3.0 9 (September 2001)
JTC 1/SC 17: ISO/IEC 7810:2003 Identification cards - Physical characteristics (December 2005), http://www.iso.org/iso/en/prods-services/ISOstore/store.html
JTC 1/SC 17: ISO/IEC 7813:2006 Information technology -Identification cards – Financial transaction cards (June 2006), http://www.iso.org/iso/en/prods-services/ISOstore/store.html
JTC 1/SC 17: ISO/IEC 7816-1 to 15 Identification cards – Integrated circuit(s) cards with contacts (Parts 1 to 15), http://www.iso.org/iso/en/prods-services/ISOstore/store.html
JTC 1/SC 17: ISO/IEC 14443-1 to 4 Identification cards – Contactless integrated circuit(s) cards – Proximity cards (Parts 1 to 4), http://www.iso.org/iso/en/prods-services/ISOstore/store.html
JTC 1/SC 17: ISO/IEC 15693-1to 3 Identification cards – Contactless integrated circuit(s) cards – Vicinity cards (Parts 1 to 3), http://www.iso.org/iso/en/prods-services/ISOstore/store.html
German Federal Office for Information Security (BSI): Security Aspects and Prospective Applications of RFID Systems (2004)
Anderson, R., Kuhn, M.: Low Cost Attacks on Tamper Resistant Devices (1997)
Abraham, D.G., et al.: Transaction Security System. IBM Systems Journal 30(2), 206–229 (1991)
Skorobogatov, S.P.: Semi-invasive attacks - A new approach to hardware security analysis. PhD Thesis UCAM-CL-TR-630 ISSN 1476-2986 (April 2005)
Kocher, P.C.: Timing attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other systems. Crytpography Research Inc. CRYPTO (1996)
Java Card Forum: Working status & Deliverables Presentation (2005), http://www.javacardforum.org/03_documents/00_documents/marketingpresentationgeneral.pdf
Chaumette, S., et al.: Secure distributed computing on a Java Card Grid. In: 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS’05) (2005)
Hollar, S.: Cots Dust Masters Degree Thesis (1996), http://www-bsac.eecs.berkeley.edu/archive/users/hollar-seth/publications/cotsdust.pdf
Tubaishat, M., Madria, S.: Sensor Networks: An Overview. IEEE Potentials 22, 20–23 (2003)
Karlof, C., Wagner, D.: Secure routing in wireless sensor networks: attacks and countermeasures. Elsevier Article (2003)
Shi, E., Perrig, A.: Designing Secure Sensor Networks. IEEE Publication (2001), http://www.cs.ucsb.edu/~suri/Spr05/generalB.pdf
Benenson, Z., Freiling, F.C.: On the Feasibility and Meaning of Security in Sensor Networks. 4th GI/ITG KuVS Fachgespräch “Drahtlose Sensornetze” (2005), http://user.it.uu.se/~zina/publications/security-taxonomy.pdf
Healy, W.: Standards and Test Methods for Sensor Networks and Alert Systems (2007), http://www2.bfrl.nist.gov/projects/projcontain.asp?cc=8634508431
Official Website of the US Govt. Sensornet Project, http://www.sensornet.gov/
Swiderski, F., Snyder, W.: Threat Modelling. Microsoft Press, Redmond (2004)
Becher, A., Benenson, Z., Dornseif, M.: Tampering with Motes: Real World Physical Attacks on Wireless (2005)
Finke, T., Kelter, H.: Abhörmöglichkeiten der Kommunikation zwischen Lesegerät und Transponder am Beispiel eines ISO 14443 - Systems. BSI (2004), http://www.bsi.de/fachthem/rfid/Abh_RFID.pdf
Rieback, M.R., Crispo, B., Tanenbaum, A.S.: Is your cat infected with a computer virus. Vrije Universiteit Amsterdam (2006)
SUN’s Sizzle (SSSL) Webserver for small devices, http://research.sun.com/spotlight/2004-12-20_vgupta.html
Brewer, E., et al.: nesC: A Programming Language for Deeply Networked Systems (2004), http://nescc.sourceforge.net/
Official Website for the Bluetooth Short Range Wireless Connectivity Standardb, http://www.bluetooth.com/bluetooth/
ZigBee Alliance Official Website, http://www.zigbee.org/en/index.asp
Global Platform Official Website, http://www.globalplatform.org/
Bernabeu, G.: GlobalPlatform Mobey Forum 2005 Presentation: Page 15 Card Manager Responsibilities (2005), http://www.globalplatform.org/uploads/Mobey%20Forum_Oct2005.pdf
Java Card Technology Datasheet (incl. JCRE), http://java.sun.com/products/javacard/datasheet.html
DoD Radio Frequency Identification Update: Enterprise Data Collection Across the Supply Chain (June 14, 2006), http://www.dla.mil/j-6/AIT/Files/Conferences/AirForce_Supply_Chain_AIT_Forum/2006_06_13/Day2/Smith%20-%20OSD%20RFID.pdf
United States Department of Defense Suppliers’ Passive RFID Information Guide ver.8.0 (2005), http://www.acq.osd.mil/log/rfid/DoD_Suppliers'_Passive_RFID_Information_Guide_v8.0.pdf
Shaikh, R.A., et al.: Securing Distributed Wireless Sensor Networks: Issues and Guidelines, 226–231 (2006)
Chan, H., Perrig, A.: Security and Privacy in Sensor Networks. IEEE Computer 36(10), 103–105 (2003)
Muftic, S., Chang, C.: Security in Wireless Sensor Networks: Status, Problems, Current Technologies and Trends. Enisa Quarterly 4, 5–6 (2006)
Arnab, A., Hutchison, A.: Ticket Based Identity System for DRM (2006)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 IFIP International Federation for Information Processing
About this paper
Cite this paper
Eagles, K., Markantonakis, K., Mayes, K. (2007). A Comparative Analysis of Common Threats, Vulnerabilities, Attacks and Countermeasures Within Smart Card and Wireless Sensor Network Node Technologies. In: Sauveron, D., Markantonakis, K., Bilas, A., Quisquater, JJ. (eds) Information Security Theory and Practices. Smart Cards, Mobile and Ubiquitous Computing Systems. WISTP 2007. Lecture Notes in Computer Science, vol 4462. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72354-7_14
Download citation
DOI: https://doi.org/10.1007/978-3-540-72354-7_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72353-0
Online ISBN: 978-3-540-72354-7
eBook Packages: Computer ScienceComputer Science (R0)