Multilateral security a concept and examples for balanced security
Proceedings of the 2000 workshop on New security paradigms
JavaCard '00 Revised Papers from the First International Workshop on Java on Smart Cards: Programming and Security
Security Architecture of the Austrian Citizen Card Concept
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Advances in network smart cards authentication
Computer Networks: The International Journal of Computer and Telecommunications Networking
Network smart card review and analysis
Computer Networks: The International Journal of Computer and Telecommunications Networking
Improving authentication of remote card transactions with mobile personal trusted devices
Computer Communications
Smart cards in hostile environments
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
vTPM: virtualizing the trusted platform module
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
A practical guide to trusted computing
A practical guide to trusted computing
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
The Trusted Execution Module: Commodity General-Purpose Trusted Computing
CARDIS '08 Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
TLS-tandem: a smart card for web applications
CCNC'09 Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference
Automatic generation of network protocol gateways
Middleware'09 Proceedings of the ACM/IFIP/USENIX 10th international conference on Middleware
Experience report: trading dependability, performance, and security through temporal decoupling
Proceedings of the 11th IFIP WG 6.1 international conference on Distributed applications and interoperable systems
ICWE'13 Proceedings of the 13th international conference on Web Engineering
Hi-index | 0.00 |
Smart cards are commonly used for tasks with high security requirements such as digital signatures or online banking. However, systems thatWeb-enable smart cards often reduce the security and usability characteristics of the original application, e.g., by forcing users to execute privileged code on the local terminal (computer) or by insufficient protection against malware. In this paper we contribute with techniques to generally Web-enable smart cards and to address the risks of malicious attacks. In particular, our contributions are: (i) A single generic proxy to allow a multitude of authorized Web applications to communicate with existing smart cards and (ii) two security extensions to mitigate the effects of malware. Overall, we can mitigate the security risks of Web-based smart card transactions and--at the same time--increase the usability for users.