A novel consumer-centric card management architecture and potential security issues
نویسندگان
چکیده
Multi-application smart card technology has gained momentum due to the Near Field Communication (NFC) and smart phone revolution. Enabling multiple applications from di erent application providers on a single smart card is not a new concept. Multi-application smart cards have been around since the late 1990s; however, uptake was severely limited. NFC has recently reinvigorated the multi-application initiative and this time around a number of innovative deployment models are proposed. Such models include Trusted Service Manager (TSM), User Centric Smart Card Ownership Model (UCOM) and GlobalPlatform Consumer-Centric Model (GP-CCM). In this paper, we discuss two of the most widely accepted and deployed smart card management architectures in the smart card industry: GlobalPlatform and Multos. We explain how these architectures do not fully comply with the UCOM and GP-CCM. We then describe our novel exible consumer-centric card management architecture designed speci cally for the UCOM and GP-CCM frameworks, along with ways of integrating the TSM model into the proposed card management architecture. Finally, we discuss four new security issues inherent to any architecture in this context along with the countermeasures for our proposed architecture.
منابع مشابه
Security and Privacy Issues in Content-Centric Networking
Security and Privacy Issues in Content-Centric Networking By Cesar Ghali Doctor of Philosophy in Networked Systems University of California, Irvine, 2016 Professor Gene Tsudik, Chair Content-Centric Networking (CCN) is a networking paradigm alternative to today’s IP-based Internet Architecture. One fundamental goal of CCN is to include security and privacy as part of its design. CCN adheres to ...
متن کاملA Network-Centric Design for Relationship-Based Security and Access Control
As part of the Stanford Digital Libraries Project, we have prototyped a novel architecture for security and access control in heterogeneous, networked environments. Conceptually, this architecture recasts security issues from an “information access” metaphor into a “relationship management” framework and uniformly applies a contracting model. Architecturally, it introduces a “network-centric” d...
متن کاملA user centric security model for tamper-resistant devices
In this thesis we propose a design for a ubiquitous and interoperable device based on the smart card architecture to meet the challenges of privacy, trust, and security for traditional and emerging technologies like personal computers, smart phones and tablets. Such a device is referred a User Centric Tamper-Resistant Device (UCTD). To support the smart card architecture for the UCTD initiative...
متن کاملRemote Attestation Mechanism for Embedded Devices Based on Physical Unclonable Functions
Remote attestation mechanisms are well studied in the highend computing environments; however, the same is not true for embedded devices especially for smart cards. With ever changing landscape of smart card technology and advancements towards a true multiapplication platform, verifying the current state of the smart card is signi cant to the overall security of such proposals. The initiatives ...
متن کاملRemote Attestation Mechanism for User Centric Smart Cards Using Pseudorandom Number Generators
User Centric Smart Card Ownership Model (UCOM) gives the freedom of choice of respective applications to the smart card users. The user-centric architecture requires a trusted entity to be present on the smart card to provide security assurance and validation to the requesting application providers. In this paper, we propose the inclusion of a trusted computing platform for smart cards that we ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Inf. Sci.
دوره 321 شماره
صفحات -
تاریخ انتشار 2015