Skip to main content
SpringerLink
Log in

A Platform for OnBoard Credentials

  • Conference paper
Financial Cryptography and Data Security (FC 2008)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5143))

Included in the following conference series:

Abstract

Securely storing and using credentials for authentication is an essential part of protecting financial applications like on-line banking and other distributed applications. Existing approaches fall short: Requiring users to memorize credentials suffers from bad usability and is vulnerable to phishing. “Password managers” ease the usability problem somewhat, but are open to software attacks, like Trojans that steal passwords. At the other extreme, dedicated hardware tokens provide high levels of security, but are expensive and not very flexible. We observe that general-purpose secure hardware are becoming widely available and use them to develop a platform for “OnBoard Credentials” (ObCs) which combine the flexibility of virtual credentials with the higher levels of protection due to the use of secure hardware.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Asokan, N., et al.: On-board credentials platform: design and implementation, NRC report NRC-TR-2008-001 (to appear) (January 2008), http://research.nokia.com/files/NRCTR2008001.pdf

  2. Ekberg, J.-E., Kylänpää, M.: Mobile trusted module. NRC report NRCTR- 2007-015 (2007), http://research.nokia.com/files/NRCTR2007015.pdf

  3. Sharma, A.: On-board credentials: Hardware-assisted secure storage of credentials. Master’s thesis, Helsinki University of Technology (2007), http://asokan.org/asokan/research/Aish-Thesis-final.pdf

  4. Srage, J., Azema, J.: M-shield mobile security technology, TI White paper (2005), http://focus.ti.com/pdfs/wtbu/ti_mshield_whitepaper.pdf

Download references

Author information

Authors and Affiliations

  1. Nokia Research Center, Helsinki, Finland

    N. Asokan & Jan-Erik Ekberg

Authors
  1. N. Asokan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jan-Erik Ekberg
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Gene Tsudik

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Asokan, N., Ekberg, JE. (2008). A Platform for OnBoard Credentials. In: Tsudik, G. (eds) Financial Cryptography and Data Security. FC 2008. Lecture Notes in Computer Science, vol 5143. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85230-8_31

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-85230-8_31

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-85229-2

  • Online ISBN: 978-3-540-85230-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation