Abstract
Increasing effort is being devoted to security solutions for nomadic users. Solutions based on smart cards offer physical and logical portability, robustness, low cost, and high security. Nevertheless, such solutions concentrate only on offering the cryptographic capabilities of the smart card, together with key and user certificate storage. Advanced trust management and access control are not addressed. In this article, we propose a scheme to include trust management and attribute certificates for authorization in two widely used cryptographic APIs: Microsoft CryptoAPI and RSA Labs PKCS#11.
This work has been partially supported by UBISEC (IST STREP 506926) and Trust-ES (MEDEA+).
© 2006 IFIP International Federation for Information Processing
About this paper
Cite this paper
Sánchez, D.D., Lopez, A.M., Mendoza, F.A. (2006). A Smart Card Solution for Access Control and Trust Management for Nomadic Users. In: Domingo-Ferrer, J., Posegga, J., Schreckling, D. (eds) Smart Card Research and Advanced Applications. CARDIS 2006. Lecture Notes in Computer Science, vol 3928. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11733447_5
DOI: https://doi.org/10.1007/11733447_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-33311-1
Online ISBN: 978-3-540-33312-8
eBook Packages: Computer Science (R0)