on limiting smart card constraints on UIMs Contractual
نویسنده
چکیده
This report considers the use of smart cards as mobile personal security modules. The format of a smart card is described and the impact that this format has on both the way a smart card can be used as a security module and the limitations that the smart card imposes are discussed. The security threats to smart cards, from physical to technological and environmental, are considered along with the various measures that are or can be adopted to prevent them. Further sections consider: • how the performance limitations of smart cards for cryptographic purposes may in certain circumstances, be circumvented • the use of operating system commands for application implementation and how this may be improved by use of an interpreter concept along the lines of the Java Card API • the required security functionality of a UIM in the UMTS system.
منابع مشابه
Formal Proof of Smart Card Applets Correctness
The new Gemplus smart card is based on the Java technology, embedding a virtual machine. The security policy uses mechanisms that are based on Java properties. This language provides segregation between applets. But due to the smart card constraints a byte code verifier can not be embedded. Moreover, in order to maximise the number of applets the byte code must be optimised. The security proper...
متن کاملOn Practical Information Flow Policies for Java-Enabled Multiapplication Smart Cards
In the multiapplicative context of smart cards, a strict control of underlying information flow between applications is highly desired. In this paper we propose a model to improve information flow usability in such systems by limiting the overhead for adding information flow security to a Java Virtual Machine. We define a domain specific language for defining security policies describing the al...
متن کاملA Distributed WCET Computation Scheme for Smart Card Operating Systems
Smart card operating systems have to face very hard constraints in terms of available memory space and computing power. Nonetheless, the specifications of most smart card platforms impose strict deadlines for communications between the card and the terminal to which it is connected. This advocates the real time paradigm to guarantee response times and thus introduces the need for computation of...
متن کاملTwo Worlds, One Smart Card: An Integrated Solution for Physical Access and Logical Security Using PKI on a Single Smart Card
We present a use case of the introduction of a large scale Public Key Infrastructure (PKI) environment in an incumbent telecommunications company in The Netherlands. The main characteristics of the case are the integration of an existing physical access facility with a PKI environment for logical security of the company ICT infrastructure. In fact, both are accessed using a single (smart) compa...
متن کاملRethinking the Smart Card Technology
Creating security architectures and processes that directly interact with consumers, especially in consumer electronics, has to take into account usability, user-experience and skill level. Smart cards provide secure services, even in malicious environments, to end-users with a fairly straightforward limited usage pattern that even an ordinary user can easily deal with. The way the smart card i...
متن کامل