Smart Card Security Evaluations

Akram, R.N., Markantonakis, K., Mayes, K.: A Dynamic and Ubiquitous Smart Card Security Assurance and Validation Mechanism. In: Kai Rannenberg,, Varadharajan, V., and Weber, C. 25th IFIP International Information Security Conference (SEC 2010). p. 161-171. Springer Berlin Heidelberg, Brisbane, Australia (2010).Abstract
Smart cards have been deployed as trusted components in a wide range of industries. The basis of the trust on a smart card platform and applications is static and evaluated before the card issuance to cardholders. A dynamic and post-issuance security assurance and validation mechanism can be useful but it is not considered necessary in the Issuer Centric Smart Card Ownership Model. However in an open and dynamic smart card environment like the User Centric Smart Card Ownership Model it is essential to have a mechanism that on request could provide assurance and validation of the implemented and evaluated security mechanisms. Such a framework is the focus of this paper.