Titre du document / Document title

Authenticating mandatory access controls and preserving privacy for a high-assurance smart card

Auteur(s) / Author(s)

SCHERZER Helmut ⁽¹⁾ ; CANETTI Ran ⁽²⁾ ; KARGER Paul A. ⁽²⁾ ; KRAWCZYK Hugo ^{(2 3)} ; RABIN Tal ⁽²⁾ ; TOLL David C. ⁽²⁾ ;

Affiliation(s) du ou des auteurs / Author(s) Affiliation(s)

⁽¹⁾ IBM Deutschland GmbH, Secure Systems and Smart Cards, Schönaicher Str. 220, 71032 Böblingen, ALLEMAGNE
⁽²⁾ IBM Research Division, T. J. Watson Research Center, PO Box 704, Yorktown Heights, NY 10598, ETATS-UNIS
⁽³⁾ Department of Electrical Engineering, Technion, Haifa, 32000, ISRAEL

Résumé / Abstract

This paper presents an authentication protocol for high-assurance smart card operating systems that support download of mutually suspicious applications. Such a protocol is required to be part of the operating system, rather than the traditional smart card approach of allowing applications to do authentication, because strong authentication is essential for the operating system to protect one application from another. The protocol itself is based on the existing IKE protocol [13], used for authentication in IPSEC. What is new is the integration of an IKE-like protocol with authentication of mandatory secrecy and integrity access controls, the recognition that a single PKI-hierarchy cannot certify identity and all possible mandatory access rights, and the use of IKE to resolve privacy problems found in existing smart card authentication protocols.

Revue / Journal Title

Lecture notes in computer science   ISSN 0302-9743 

Source / Source

Congrès
ESORICS 2003 : computer security :   ( Gjovik, 13-15 October 2003 )
European symposium on research in computer security N^o8, Gjovik , NORVEGE (13/10/2003)
2003  , vol. 2808, pp. 181-200[Note(s) : X, 343 p., ] [Document : 20 p.] (33 ref.) ISBN 3-540-20300-1 ;  Illustration : Illustration ;

Langue / Language

Anglais

Editeur / Publisher

Springer, Berlin, ALLEMAGNE  (1973) (Revue)
Springer, Berlin, ALLEMAGNE  (2003) (Monographie)

Mots-clés anglais / English Keywords

Secrecy ; Smart cards ; Confidentiality ; Access control ; Hierarchized structure ; Integrity ; Operating system ; Authentication ; Private life ; Safety ;

Mots-clés français / French Keywords

Secret ; Carte à puce ; Confidentialité ; Contrôle accès ; Structure hiérarchisée ; Intégrité ; Système exploitation ; Authentification ; Vie privée ; Sécurité ;

Mots-clés espagnols / Spanish Keywords

Secreto ; Confidencialidad ; Estructura jerarquizada ; Integridad ; Sistema operativo ; Autenticación ; Vida privada ; Seguridad ;

Localisation / Location

INIST-CNRS, Cote INIST : 16343, 35400011777613.0110