Formal Methods for Smartcard Security
نویسندگان
چکیده
Smartcards are trusted personal devices designed to store and process confidential data, and to act as secure tokens for providing access to applications and services. Smartcards are widely deployed and their usage spans over several application domains including banking, telecommunications, and identity. Open platform smartcards are new generation trusted personal devices with increased flexibility. Such devices, which benefit of increased connectivity and increased interoperability, can host several applets and allow new applets to be loaded post-issuance. Such an increased flexibility raises concerns about the possibility of logical attacks that could affect a very large number of devices, and requires the development of techniques and tools that can be used to increase the reliability of platforms and applications for trusted personal devices. The objective of this chapter is to describe some applications of formal methods to increase the reliability of smartcards and trusted personal devices.
منابع مشابه
Papers on Smartcard Engineering Making Smartcard Systems Robust
This technical report contains two papers on a smartcard based electronic wallet system which I helped to design. The rst, `Making Smartcard Systems Robust', appeared in the proceedings of Cardis 94 (now out of print): the second, `UEPS-A Second Generation Electronic Wallet', appeared in the proceedings of ESORICS 92 (Springer LNCS v 648 pp 411{418). This system has been elded in a number of co...
متن کاملFormal Methods for the Verification of Safety Critical Applications using SPIN Model Checker
Security over the years has been a major concern for the organizations and companies. With the emergence of smart cards, industry has become more interested in methodologies which are used to establish the correctness and security of the applications developed with the acceptance of the use of smart cards in such domains. This paper provides a general introduction to the state-of-the-art of for...
متن کاملSmartcard Integration with Kerberos V5
We describe our design and implementation of smartcard integration with Kerberos V5. Authentication is among the most important applications for smartcards and is one of the critical requirements for computer security. By augmenting Kerberos V5 with tamper-resistant hardware, we enhance the security of Kerberos V5 and o er a potential \killer application" leading to wider adoption of smartcard ...
متن کاملSmartcard Integration with Kerberos V5 Smartcard Integration with Kerberos V5
We describe our design and implementation of smartcard integration with Kerberos V5. Authentication is among the most important applications for smartcards and is one of the critical requirements for computer security. By augmenting Kerberos V5 with tamper-resistant hardware, we enhance the security of Kerberos V5 and o er a potential \killer application" leading to wider adoption of smartcard ...
متن کاملInterleaving Commands: a Threat to the Interoperability of Smartcard Based Security Applications
Although smartcards are widely used, secure smartcard interoperability has remained a significant challenge. Usually each manufacturer provides a closed environment for their smartcard based applications including the microchip, associated firmware and application software. While the security of this " package " can be tested and certified for example based on the Common Criteria, the secure an...
متن کاملSCFS: A UNIX Filesystem for Smartcards
Smartcard software developers su er from the lack of a standard communication framework between a workstation and a smartcard. To address this problem, we extended the UNIX lesystem to provide access to smartcard storage, which enables us to use les in a smartcard as though normal UNIX les, but with the additional security properties inherent to smartcards.
متن کامل