Trusted Execution Environment

Akram, R.N., Markantonakis, K., Mayes, K.: Simulator Problem in User Centric Smart Card Ownership Model. In: Tang, H.Y. and Fu, X. EUC. p. 679-686. IEEE Computer Society, Hong Kong, China (2010).
The Issuer Centric Smart Card Ownership Model (ICOM) gives complete control of smart cards to their respective card issuers, enabling them to install, modify or delete applications remotely in a secure manner. However, the User Centric Smart Card Ownership Model (UCOM) delegates the ownership of smart cards to their users, entitling them to install or delete any application according to their requirements. In the UCOM, there might be no off-card relationship between a smart card and an application provider, referred to as a Service Provider, which is the cornerstone of the ICOM security framework. Therefore, this creates unique security issues like the simulator problem, in which a malicious user may simulate the smart card environment on a computing device and request installation of an application. Following this, it might be possible to retrieve sensitive application data by reverse engineering. In this paper, we analyse the simulator problem, how it affects the UCOM, and propose a possible solution.
Akram, R.N., Markantonakis, K., Mayes, K.: A Dynamic and Ubiquitous Smart Card Security Assurance and Validation Mechanism. In: Kai Rannenberg, Varadharajan, V., and Weber, C. 25th IFIP International Information Security Conference (SEC 2010). p. 161-171. Springer Berlin Heidelberg, Brisbane, Australia (2010).
Smart cards have been deployed as trusted components in a wide range of industries. The basis of the trust on a smart card platform and applications is static and evaluated before the card issuance to cardholders. A dynamic and post-issuance security assurance and validation mechanism can be useful, but it is not considered necessary in the Issuer Centric Smart Card Ownership Model. However, in an open and dynamic smart card environment like the User Centric Smart Card Ownership Model, it is essential to have a mechanism that, on request, could provide assurance and validation of the implemented and evaluated security mechanisms. Such a framework is the focus of this paper.
Akram, R.N., Markantonakis, K., Mayes, K.: User Centric Security Model for Tamper-Resistant Devices. In: Li, J. and Chung, J.-Y. 8th IEEE International Conference on e-Business Engineering (ICEBE 2011). p. 168-177. IEEE Computer Society, Beijing, China (2011).
Tamper-resistant devices provide a secure, reliable, and trusted execution environment even in the possession of an adversary. With ever growing use of computing platforms (i.e. mobile phones, tablets and embedded devices, etc.) the potential for compromising the security and privacy of an individual is increased. The Trusted Platform Module is restricted to integrity measurement and cryptographic operations, which is crucial in its own right. On the contrary, smart cards provide a general-purpose execution environment, but traditionally they are under a centralised control, which if extended to the other computing platforms may not be appropriate. Therefore, in this paper we analyse the rationale for a general-purpose cross-platform user centric tamper-resistant device based on the smart card architecture, its applications in different computing environments, along with the ownership management framework.
Akram, R.N., Markantonakis, K., Mayes, K.: Firewall Mechanism in a User Centric Smart Card Ownership Model. In: Gollmann, D., Lanet, J.-L., and Iguchi-Cartigny, J. Smart Card Research and Advanced Application, 9th IFIP WG 8.8/11.2 International Conference, CARDIS 2010. p. 118-132. Springer Berlin Heidelberg, Passau, Germany (2010).
Multi-application smart card technology facilitates applications to securely share their data and functionality. The security enforcement and assurance in application sharing is provided by the smart card firewall. The firewall mechanism is well defined and studied in the Issuer Centric Smart Card Ownership Model (ICOM), in which a smart card is under total control of its issuer. However, it is not analysed in the User Centric Smart Card Ownership Model (UCOM) that delegates the smart card control to their users. In this paper, we present UCOM's security requirements for the firewall mechanism and propose a generic framework that satisfies them.