Enhancement of Security Architecture for Smartcard Based Authentication Protocols
Currently computer systems and software used by the average user offer less security due to rapid growth of vulnerability techniques. This dissertation presents an approach to increase the level of security provided to users when interacting with otherwise unsafe applications and computing system...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2004
|
| Subjects: | |
| Online Access: | http://psasir.upm.edu.my/id/eprint/5939/1/FK_2004_47%20IR.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Currently computer systems and software used by the average user offer less
security due to rapid growth of vulnerability techniques. This dissertation
presents an approach to increase the level of security provided to users when
interacting with otherwise unsafe applications and computing systems. It
provides a general framework for constructing and analyzing authentication
protocols in realistic models of communication networks. This framework
provides a sound formalization for the authentication problem and suggests
simple and attractive design principles for general authentication protocols. The
general approach uses trusted devices (specifically smartcards) to provide an area of secure processing and storage. The key element in this approach is a
modular treatment of the authentication problem in cryptographic protocols; this
applies to the definition of security, to the design of the protocols, and to their
analysis. The definitions are drawn from previous ideas and formalizations and
incorporate several aspects that were previously overlooked. To identify the best
cryptographic algorithm suitable for smartcard applications, the dissertation also
investigates the implementation of Elliptic Curve encryption techniques and
presents performance comparisons based on similar techniques. The findings
discovered that the proposed Elliptic Curve Cryptograpluc (ECC) method
provides greater efficiency than similar method in terms of computational speed.
Specifically, several aspects of authentication protocols were studied, and new
definitions of this problem were presented in various settings depending on the
underlying network. Further, the thesis shows how to systematically transform
solutions that work in a model of idealized authenticated communications into
solutions that are secure in the realistic setting of wired communication channels
such as access control, and online transactions involving contact communication
schemes.
As with all software development, good design and engineering practices are
important for software quality. Rather than thinking of security as an add-on feature to software systems, security should be designed into the system from the
earliest stages of requirements gathering through development, testing,
integration, and deployment. In view of this, a new approach for dealing with
this problem in an object-oriented approach is presented. Some practical
illustrations were analyzed based on the Unified Modeling Language (UML) as it
applies to modeling authentication/access control schemes in online
transactions. In particular, important issues such as how smartcard applications
can be modeled using UML techniques and how UML can be used to sketch the
operations for implementing a secure access using smartcard has been
addressed. |
|---|