Authenticating mandatory access controls and preserving privacy for a high-assurance smart card

Helmut Scherzer, Ran Canetti, Paul A. Karger, Hugo Krawczyk, Tal Rabin, David C. Toll

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

10 Scopus citations

Abstract

This paper presents an authentication protocol for highassurance smart card operating systems that support download of mutually suspicious applications. Such a protocol is required to be part of the operating system, rather than the traditional smart card approach of allowing applications to do authentication, because strong authentication is essential for the operating system to protect one application from another. The protocol itself is based on the existing IKE protocol [13], used for authentication in IPSEC. What is new is the integration of an IKE-like protocol with authentication of mandatory secrecy and integrity access controls, the recognition that a single PKI-hierarchy cannot certify identity and all possible mandatory access rights, and the use of IKE to resolve privacy problems found in existing smart card authentication protocols.

Original languageEnglish
Title of host publicationComputer Security - ESORICS 2003
EditorsEinar Snekkenes, Dieter Gollmann
PublisherSpringer Verlag
Pages181-200
Number of pages20
ISBN (Print)3540203001, 9783540203001
DOIs
StatePublished - 2003
Externally publishedYes
Event8th European Symposium on Research in Computer Security, ESORICS 2003 - Gjovik, Norway
Duration: 13 Oct 200315 Oct 2003

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2808
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference8th European Symposium on Research in Computer Security, ESORICS 2003
Country/TerritoryNorway
CityGjovik
Period13/10/0315/10/03

Fingerprint

Dive into the research topics of 'Authenticating mandatory access controls and preserving privacy for a high-assurance smart card'. Together they form a unique fingerprint.

Cite this