Application-Binding Protocol in the User Centric Smart Card Ownership Model

Raja Naeem Akram, Konstantinos Markantonakis, Keith Mayes

Research output: Chapter in Book/Report/Conference proceedingPublished conference contribution

7 Citations (Scopus)


The control of the application choice is delegated to the smart card users in the User Centric Smart Card Ownership Model (UCOM). There is no centralised authority that controls the card environment, and it is difficult to have implicit trust on applications installed on a smart card. The application sharing mechanism in smart cards facilitates corroborative and interrelated applications to co-exist and augment each other's functionality. The already established application sharing mechanisms (e.g. in Java Card and Multos) do not fully satisfy the security requirements of the UCOM. Therefore, the application sharing mechanism in the UCOM requires a security framework that provides runtime authentication, and verification of an application. Such a framework is the focus of this paper. To support the framework, we propose a protocol that is verified using CasperFDR. In addition, we implemented the protocol and provide a performance comparison with existing protocols.
Original languageEnglish
Title of host publicationAustralasian Conference on Information Security and Privacy (ACISP 2011)
Place of PublicationMelbourne, Australia
Number of pages18
Publication statusPublished - 1 Jul 2011


Dive into the research topics of 'Application-Binding Protocol in the User Centric Smart Card Ownership Model'. Together they form a unique fingerprint.

Cite this