SmartK: Smart cards in operating systems at kernel level

Authors:
Luigi Catuogno;Roberto Gassirí;Michele Masullo;Ivan Visconti
Affiliations:
Dipartimento di Informatica, Universití degli Studi di Salerno, Via Ponte Don Melillo, I-84084 Fisciano (SA), Italy;Dipartimento di Informatica, Universití degli Studi di Salerno, Via Ponte Don Melillo, I-84084 Fisciano (SA), Italy;Dipartimento di Informatica, Universití degli Studi di Salerno, Via Ponte Don Melillo, I-84084 Fisciano (SA), Italy;Dipartimento di Informatica, Universití degli Studi di Salerno, Via Ponte Don Melillo, I-84084 Fisciano (SA), Italy
Venue:
Information Security Tech. Report
Year:
2013

Citing 11
Cited 0

Smart card security and applications

Smart card security and applications
The Design and Implementation of a Transparent Cryptographic File System for UNIX

Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Integrating Smart Cards Into Authentication Systems

Proceedings of the International Conference on Cryptography: Policy and Algorithms
Practical Security Systems with Smartcards

HOTOS '99 Proceedings of the The Seventh Workshop on Hot Topics in Operating Systems
A secure and reliable bootstrap architecture

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A format-independent architecture for run-time integrity checking of executable code

SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Poster: practical trusted computing for mhealth sensing

MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications, and services
L4Android: a generic operating system framework for secure smartphones

Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Securing operating system services based on smart cards

TrustBus'05 Proceedings of the Second international conference on Trust, Privacy, and Security in Digital Business
Proxy smart card systems

WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Kerberos: an authentication service for computer networks

IEEE Communications Magazine

Quantified Score

Hi-index	0.00

Visualization

Abstract

A smart card is a tamper-resistant miniature computer that performs some basic computations on input a secret information. So far, smart cards have been widely used for securing many digital transactions (e.g., pay television, ATM machines). We focus on the implementation of operating system security services leveraging on smart cards. This very challenging feature allows one to personalize some functionalities of the operating system by simply changing a smart card. Current solutions for integrating smart card features in operating system services require at least a partial execution of some of the operating system functionalities at ''user level''. Unfortunately, system functionalities built on top of components lying at both kernel and user levels may negatively affect the overall system security, due to the introduction of multiple points of failure. In this work, we present the design and implementation of SmartK: a framework that integrates features of smart cards uniquely in the Linux kernel. In order to validate our approach, we propose a host of enhancements to the Linux operating system built on top of SmartK: 1) in-kernel clients' authentication with Kerberos; 2) execution of trusted code; 3) key management in secure network filesystems. In particular, we present an experimental Linux OS distribution (SalSA), which addresses the security issues related to downloading packages and to updating an operating system through the Internet.