Global ETD Search

71	Využití čipových karet v oblasti elektronického podpisu / The Usage of Smart Cards in the Area of Digital Signature Jirovský, Tomáš January 2008 (has links) This master thesis deals with the usage of smart cards in the area of digital signature. The descriptive part of this work outlines the basic principles of digital signature, smart cards typology and current most important application areas of smart cards. The first aim of the analytic part of this work is to evaluate actual situation on the smart cards market and to estimate future market trends. The second aim is to provide summary of new technological trends and areas, in which the usage of smart cards can be expected. These new technological trends and areas are described on the basis of survey, which was realized in the company OKsystem. Part of this work serves information about practical solution OKsmart and the analysis of its future development trends.
72	Silná kryptografie na čipových kartách / Strong Cryptography on Smart Cards Konečný, Jakub January 2017 (has links) The diploma thesis is focused on cryptography with smart cards. It describes smart cards from hardware and software side. The thesis compares well known operating systems used on smart cards. Specified operating systems are widely analyzed. There is introduction to password authenticated key establishment protocols. PACE protocol is described in details together with implementation proposal. The implementation on the Basic card platform follows. In the end there is the time analysis of the implementation and further improvements are suggested.
73	Elektronické doklady / Electronic ID Cards Mravec, Roman January 2017 (has links) This master thesis deals with an implementation of Diffie-Hellman protocol on smart card which is based on MULTOS OS. Defines the smart cards based on MULTOS OS and their usage. Output of this thesis are applications for a smart card and for a client using Diffie-Hellman protocol for establishing of a secret key between two communication sides through unsecured communication channel.
74	Specification and verification of security policies for smart cards Schwan, Matthias 23 May 2008 (has links) Chipkarten sind ein fester Bestandteil unseres täglichen Lebens, das immer stärker von der Zuverlässigkeit derartiger Sicherheitssysteme abhängt, zum Beispiel Bezahlkarten, elektronische Gesundheitskarten oder Ausweisdokumente. Eine Sicherheitspolitik beschreibt die wichtigsten Sicherheitsziele und Sicherheitsfunktionen eines Systems und bildet die Grundlage für dessen zuverlässige Entwicklung. In der Arbeit konzentrieren wir uns auf multi-applikative Chipkartenbetriebssysteme und betrachten neue zusätzliche Sicherheitsziele, die dem Schutz der Kartenanwendungen dienen. Da die Qualität des Betriebssystems von der umgesetzten Sicherheitspolitik abhängt, ist deren Korrektheit von entscheidender Bedeutung. Mit einer Formalisierung können Zweideutigkeiten in der Interpretation ausgeschlossen und formale Beweistechniken angewendet werden. Bisherige formale Verifikationen von Sicherheitspolitiken beinhalten im allgemeinen den Nachweis von Safety-Eigenschaften. Wir verlangen zusätzlich die Betrachtung von Security-Eigenschaften, wobei aus heutiger Sicht beide Arten von Eigenschaften stets getrennt in unterschiedlichen Formalismen verifiziert werden. Die Arbeit stellt eine gemeinsame Spezifikations- und Verifikationsmethodik mit Hilfe von Observer-Modellen vor, die sowohl den Nachweis von Safety-Eigenschaften in einem TLA-Modell als auch den Nachweis von Security-Eigenschaften kryptografischer Protokolle in einem induktiven Modell erlaubt. Da wir alle Spezifikationen und Verifikationen im Werkzeug VSE-II durchführen, bietet das formale Modell der Sicherheitspolitik nicht nur einen abstrakten Blick auf das System, sondern dient gleichzeitig als abstrakte Systemspezifikation, die es in weiteren Entwicklungsschritten in VSE-II zu verfeinern gilt. Die vorgestellte Methodik der Integration beider Systemmodelle in VSE-II führt somit zu einer erhöhten und nachweisbaren Qualität von Sicherheitspolitiken und von Sicherheitssystemen. / Security systems that use smart cards are nowadays an important part of our daily life, which becomes increasingly dependent on the reliability of such systems, for example cash cards, electronic health cards or identification documents. Since a security policy states both the main security objectives and the security functions of a certain security system, it is the basis for the reliable system development. This work focuses on multi-applicative smart card operating systems and addresses new security objectives regarding the applications running on the card. As the quality of the operating system is determined by the underlying security policy, its correctness is of crucial importance. A formalization of it first provides an unambiguous interpretation and second allows for the analysis with mathematical precision. The formal verification of a security policy generally requires the verification of so-called safety properties; but in the proposed security policy we are additionally confronting security properties. At present, safety and security properties of formal system models are verified separately using different formalisms. In this work we first formalize a security policy in a TLA system specification to analyze safety properties and then separately verify security properties using an inductive model of cryptographic protocols. We provide a framework for combining both models with the help of an observer methodology. Since all specifications and proofs are performed with the tool VSE-II, the verified formal model of the security policy is not just an abstract view on the security system but becomes its high level specification, which shall be refined in further development steps also to be performed with the tool. Hence, the integration of the two approaches within the tool VSE-II leads to a new quality level of security policies and ultimately of the development of security systems. IT-Sicherheit Chipkarten Sicherheitspolitik Formale Verifikation IT Security Smart Cards Security Policy Formal Verification 004 Informatik 28 Informatik, Datenverarbeitung ddc:004
75	Internet-based electronic payment systems Kortekaas, Birgit Friederike 01 January 2002 (has links) As today, the traditional payment systems of cash, cheques and credit cards are being supplemented by electronic cheques, electronic credit card-based systems, and token-based systems, online security is of utmost importance and one of the biggest criteria used for evaluating electronic payment systems. Electronic payment systems must guarantee the essential security requirements: confidentiality, privacy, integrity, availability. authentication, non-repudiation as well as anonymity and trust. This paper compares the various payment systems (both traditional and electronic) available today mainly according to their security aspects. Secure processing can be accomplished including access controls and detection techniques, such as, encrypted communication channels, user and/or message authentication, symmetric and asymmetric encryption, digital certificates and firewalls. These effective security measures, which are outlined in detail in this paper, will protect the information and payment systems against security risks that currently threaten the Internet / Computing / M.Sc. (Information Systems) Internet Electronic commerce Electronic payment systems Authentication Confidentiality Identification Integrity Privacy Security Cryptography Certificates Encryption Digital signatures Anonymity Threats Electronic cash Electronic cheque Smart cards Electronic credit cards 658.478 Internet -- Economic aspects Internet -- Security measures Payment Electronic commerce -- Security measures Computer networks -- Security measures Data encryption (Computer science) Smart cards
76	Marketing strategies: a case study of smart card. January 1997 (has links) by Chan Tak-Wai, Woo Wai-Chung. / Thesis (M.B.A.)--Chinese University of Hong Kong, 1997. / Includes bibliographical references (leaves 89-91). / ABSTRACT --- p.ii / TABLE OF CONTENTS --- p.iv / ACKNOWLEDGMENTS --- p.vi / Chapter / Chapter I. --- INTRODUCTION --- p.1 / Definition of Smart Card --- p.2 / Smart Card --- p.2 / Electronic Money --- p.4 / Objective of Project --- p.5 / Chapter II. --- METHODOLOGY --- p.8 / Primary Data --- p.8 / Secondary Data --- p.9 / Literature Review --- p.10 / Chapter III. --- CARD PRODUCTS --- p.13 / Development of Credit Card and Smart Card --- p.13 / Scope of Usage of Smart Card --- p.15 / Commercial Areas --- p.15 / Medical Aspects --- p.16 / Telecommunications Industry --- p.17 / Banking System --- p.17 / Chapter IV. --- CITICORP --- p.20 / Citibank --- p.20 / Citibank H.K --- p.22 / Chapter V. --- CITIBANK H.K. CREDIT CARD PROFILE --- p.23 / Competitive Environment --- p.24 / Marketing Strategies --- p.25 / Chapter VI. --- SMART CARD PROFILE --- p.27 / Product --- p.27 / Market --- p.30 / Customer --- p.31 / Competitive --- p.33 / Company --- p.35 / Chapter VII. --- SURVEY RESULT --- p.38 / Chapter VIII. --- RECOMMENDATIONS --- p.39 / Characteristics of Target Market --- p.39 / Establishing Marketing Objective --- p.40 / Proposing Marketing Strategies --- p.40 / Product --- p.40 / Place --- p.43 / Price --- p.46 / Promotion --- p.47 / Physical Facilities --- p.50 / Personnel --- p.50 / Process Management --- p.50 / Chapter IX. --- CONCLUSION --- p.52 / APPENDIX --- p.55 / BIBLIOGRAPHY --- p.89 Citibank (Hong Kong, China) Smart card industry Smart cards--Marketing Electronic funds transfers Consumer behavior
77	Internet-based electronic payment systems Kortekaas, Birgit Friederike 01 January 2002 (has links) As today, the traditional payment systems of cash, cheques and credit cards are being supplemented by electronic cheques, electronic credit card-based systems, and token-based systems, online security is of utmost importance and one of the biggest criteria used for evaluating electronic payment systems. Electronic payment systems must guarantee the essential security requirements: confidentiality, privacy, integrity, availability. authentication, non-repudiation as well as anonymity and trust. This paper compares the various payment systems (both traditional and electronic) available today mainly according to their security aspects. Secure processing can be accomplished including access controls and detection techniques, such as, encrypted communication channels, user and/or message authentication, symmetric and asymmetric encryption, digital certificates and firewalls. These effective security measures, which are outlined in detail in this paper, will protect the information and payment systems against security risks that currently threaten the Internet / Computing / M.Sc. (Information Systems) Internet Electronic commerce Electronic payment systems Authentication Confidentiality Identification Integrity Privacy Security Cryptography Certificates Encryption Digital signatures Anonymity Threats Electronic cash Electronic cheque Smart cards Electronic credit cards 658.478 Internet -- Economic aspects Internet -- Security measures Payment Electronic commerce -- Security measures Computer networks -- Security measures Data encryption (Computer science) Smart cards
78	User Efficient Authentication Protocols with Provable Security Based on Standard Reduction and Model Checking Lin, Yi-Hui 12 September 2012 (has links) Authentication protocols are used for two parties to authenticate each other and build a secure channel over wired or wireless public channels. However, the present standards of authentication protocols are either insufficiently secure or inefficient for light weight devices. Therefore, we propose two authentication protocols for improving the security and user efficiency in wired and wireless environments, respectively. Traditionally, TLS/SSL is the standard of authentication and key exchange protocols in wired Internet. It is known that the security of TLS/SSL is not enough due to all sorts of client side attacks. To amend the client side security, multi-factor authentication is an effective solution. However, this solution brings about the issue of biometric privacy which raises public concern of revealing biometric data to an authentication server. Therefore, we propose a truly three factor authentication protocol, where the authentication server can verify their biometric data without the knowledge of users¡¦ templates and samples. In the major wireless technologies, extensible Authentication Protocol (EAP) is an authentication framework widely used in IEEE 802.11 WLANs. Authentication mechanisms built on EAP are called EAP methods. The requirements for EAP methods in WLANs authentication have been defined in RFC 4017. To achieve user efficiency and robust security, lightweight computation and forward secrecy, excluded in RFC 4017, are desired in WLAN authentication. However, all EAP methods and authentication protocols designed for WLANs so far do not satisfy all of the above properties. We will present a complete EAP method that utilizes stored secrets and passwords to verify users so that it can (1) meet the requirements of RFC 4017, (2) provide lightweight computation, and (3) allow for forward secrecy. In order to prove our proposed protocols completely, we apply two different models to examine their security properties: Bellare¡¦s model, a standard reduction based on computational model, that reduces the security properties to the computationally hard problems and the OFMC/AVISPA tool, a model checking approach based on formal model, that uses the concept of the search tree to systematically find the weaknesses of a protocol. Through adopting Bellare¡¦s model and OFMC/AVISPA tool, the security of our work is firmly established. Wireless Local Area Networks (WLANs) Wired and Wireless Security Model Checking Standard Reduction Formal Security Proofs Lightweight Devices Authentication Passwords Smart Cards Forward Secrecy Extensible Authentication Protocol (EAP) Biometric Privacy
79	Kryptografická ochrana digitální identity / Cryptographic Protection of Digital Identity Dzurenda, Petr January 2019 (has links) Dizertační práce se zabývá kryptografickými schématy zvyšující ochranu soukromí uživatelů v systémech řízení přístupu a sběru dat. V současnosti jsou systémy fyzického řízení přístupu na bázi čipových karet využívány téměř dennodenně většinou z nás, například v zaměstnání, ve veřejné dopravě a v hotelech. Tyto systémy však stále neposkytují dostatečnou kryptografickou ochranu a tedy bezpečnost. Uživatelské identifikátory a klíče lze snadno odposlechnout a padělat. Funkce, které by zajišťovaly ochranu soukromí uživatele, téměř vždy chybí. Proto je zde reálné riziko možného sledovaní lidí, jejich pohybu a chovaní. Poskytovatelé služeb nebo případní útočníci, kteří odposlouchávají komunikaci, mohou vytvářet profily uživatelů, ví, co dělají, kde se pohybují a o co se zajímají. Za účelem zlepšení tohoto stavu jsme navrhli čtyři nová kryptografická schémata založená na efektivních důkazech s nulovou znalostí a kryptografii eliptických křivek. Konkrétně dizertační práce prezentuje tři nová autentizační schémata pro využití v systémech řízení přístupu a jedno nové schéma pro využití v systémech sběru dat. První schéma využívá distribuovaný autentizační přístup vyžadující spolupráci více RFID prvků v autentizačním procesu. Tato vlastnost je výhodná zvláště v případech řízení přístupu do nebezpečných prostor, kdy pro povolení přístupu uživatele je nezbytné, aby byl uživatel vybaven ochrannými pomůckami (se zabudovanými RFID prvky). Další dvě schémata jsou založena na atributovém způsobu ověření, tj. schémata umožňují anonymně prokázat vlastnictví atributů uživatele, jako je věk, občanství a pohlaví. Zatím co jedno schéma implementuje efektivní revokační a identifikační mechanismy, druhé schéma poskytuje nejrychlejší verifikaci držení uživatelských atributů ze všech současných řešení. Poslední, čtvrté schéma reprezentuje schéma krátkého skupinového podpisu pro scénář sběru dat. Schémata sběru dat se používají pro bezpečný a spolehlivý přenos dat ze vzdálených uzlů do řídící jednotky. S rostoucím významem chytrých měřičů v energetice, inteligentních zařízení v domácnostech a rozličných senzorových sítí, se potřeba bezpečných systémů sběru dat stává velmi naléhavou. Tato schémata musí podporovat nejen standardní bezpečnostní funkce, jako je důvěrnost a autentičnost přenášených dat, ale také funkce nové, jako je silná ochrana soukromí a identity uživatele či identifikace škodlivých uživatelů. Navržená schémata jsou prokazatelně bezpečná a nabízí celou řadu funkcí rozšiřující ochranu soukromí a identity uživatele, jmenovitě se pak jedná o zajištění anonymity, nesledovatelnosti a nespojitelnosti jednotlivých relací uživatele. Kromě úplné kryptografické specifikace a bezpečnostní analýzy navržených schémat, obsahuje tato práce také výsledky měření implementací jednotlivých schémat na v současnosti nejpoužívanějších zařízeních v oblasti řízení přístupu a sběru dat.
80	Návrh bezpečnostní infrastruktury elektronického archivu / Design of security infrastructure for electronic archive Doležel, Radek January 2009 (has links) This master's thesis deals with design of security infrastructure for electronic archive. In theoretical part is disscus about technical resources which are based on security services and protocols and methods which are used for protection. On basics of theoretical part is designed model of security infrastructure and it is built in laboratory. Model of security infrastructure is based on Open Source Software and as safety storages for private user authentication data are used cryptographic USB tokens. This master's thesis includes design and construction of real infrastructure of secured electronic archive. In each part of master's thesis is put main emphases on security and clear explanation from the beginning of desing of model of security infrastructure for electronic archive to finish of construction.

Search results