A user centric security model for tamper-resistant devices

Akram, Raja

January 2012

In this thesis, we propose a ubiquitous and interoperable device based on the smart card architecture to meet the challenges of privacy, trust, and security for traditional and emerging technologies like personal computers, smart phones and tablets. Such a device is referred as User Centric Tamper-Resistant Device (UCTD). To support the smart card architecture for the UCTD initiative, we propose the delegation of smart card ownership from a stringent centralised authority (i.e. the card issuer) to users. This delegation mandated the review of existing smart card mechanisms and their adequate modifications/improvements. Since the inception of smart card technology, the most prevalent ownership model in the smart card industry has been the Issuer Centric Smart Card Ownership Model (ICOM). The ICOM has no doubt played a pivotal role in the proliferation of the technology into various segments of modern life. However, it has been a barrier to the convergence of different services on a smart card. In addition, it might be considered as a hurdle to the adaption of smart card technology into a general-purpose security device. To avoid these issues, we propose citizen ownership of smart cards, referred as the User Centric Smart Card Ownership Model (UCOM). Contrary to the ICOM, it gives the power of decision to install or delete an application on a smart card to its user. The ownership of corresponding applications remains with their respective application providers along with the choice to lease their application to a card or not. In addition, based on the UCOM framework, we also proposed the Coopetitive Architecture for Smart Cards (CASC) that merges the centralised control of card issuers with the provision of application choice to the card user. In the core of the thesis, we analyse the suitability of the existing smart card architectures for the UCOM. This leads to the proposal of three major contributions spanning the smart card architecture, the application management framework, and the execution environment. Furthermore, we propose protocols for the application installation mechanism and the application sharing mechanism (i.e. smart card firewall). In addition to this, we propose a framework for backing-up, migrating, and restoring the smart card contents. Finally, we provide the test implementation results of the proposed protocols along with their performance measures. The protocols are then compared in terms of features and performance with existing smart cards and internet protocols. In order to provide a more detailed analysis of proposed protocols and for the sake of completeness, we performed mechanical formal analysis using the CasperFDR.

006.246

Smart card systems : managing risks and modelling security protocols using SystemC and Transaction Level Modelling

Bushager, Aisha Fouad

January 2011

Smart cards are examples of advanced chip technology. They allow information transfer between the card holder and the system over secure networks, but they contain sensitive data related to both the card holder and the system, that has to be kept private and confidential. The aim of the research is to conduct a risk management programme on the smart cards systems that are employed in e-business systems, suggest the best safeguards to be applied to better secure the smart card systems depending on the services and applications the smart card serves, and produce a simulation tool using a high level of abstraction programming language to be able to test the robustness of the proposed solutions. The study contributions are producing a Risk Analysis Guide specifically on smart card systems to support managerial decision making, modelling the current and proposed smart card systems including modelling the possible attacks using the Unified Modelling Language (UML) diagrams, and developing an executable model using SystemC and Transaction Level Modelling (TLM)extensions, which is a new way of modelling and testing smart card systems security. The security objectives have to be considered during the early stages of systems development and design; an executable model will give the designer the advantage of identifying vulnerabilities at an early stage, and therefore enhance the system security. The developed model is used to examine the effectiveness of number of authentication mechanisms with different probabilities of failure. Numbers of probable attacks on the current security protocol are modeled to identify vulnerabilities. The executable model shows that the smart card system security protocols and transactions need further improvement to withstand different types of security attacks.

006.246