Enhancement of Security Architecture for Smartcard Based Authentication Protocols

Mohammed, Lawan Ahmed (2004) Enhancement of Security Architecture for Smartcard Based Authentication Protocols. PhD thesis, Universiti Putra Malaysia.

[img] PDF
740Kb

Abstract

Currently computer systems and software used by the average user offer less security due to rapid growth of vulnerability techniques. This dissertation presents an approach to increase the level of security provided to users when interacting with otherwise unsafe applications and computing systems. It provides a general framework for constructing and analyzing authentication protocols in realistic models of communication networks. This framework provides a sound formalization for the authentication problem and suggests simple and attractive design principles for general authentication protocols. The general approach uses trusted devices (specifically smartcards) to provide an area of secure processing and storage. The key element in this approach is a modular treatment of the authentication problem in cryptographic protocols; this applies to the definition of security, to the design of the protocols, and to their analysis. The definitions are drawn from previous ideas and formalizations and incorporate several aspects that were previously overlooked. To identify the best cryptographic algorithm suitable for smartcard applications, the dissertation also investigates the implementation of Elliptic Curve encryption techniques and presents performance comparisons based on similar techniques. The findings discovered that the proposed Elliptic Curve Cryptograpluc (ECC) method provides greater efficiency than similar method in terms of computational speed. Specifically, several aspects of authentication protocols were studied, and new definitions of this problem were presented in various settings depending on the underlying network. Further, the thesis shows how to systematically transform solutions that work in a model of idealized authenticated communications into solutions that are secure in the realistic setting of wired communication channels such as access control, and online transactions involving contact communication schemes. As with all software development, good design and engineering practices are important for software quality. Rather than thinking of security as an add-on feature to software systems, security should be designed into the system from the earliest stages of requirements gathering through development, testing, integration, and deployment. In view of this, a new approach for dealing with this problem in an object-oriented approach is presented. Some practical illustrations were analyzed based on the Unified Modeling Language (UML) as it applies to modeling authentication/access control schemes in online transactions. In particular, important issues such as how smartcard applications can be modeled using UML techniques and how UML can be used to sketch the operations for implementing a secure access using smartcard has been addressed.

Item Type:Thesis (PhD)
Subject:Smart cards - Authentication - Case studies
Chairman Supervisor:Associate Professor Haji Dr. Abdul Rahman Ramli, PhD
Call Number:FK 2004 47
Faculty or Institute:Faculty of Engineering
ID Code:5939
Deposited By: Nur Izyan Mohd Zaki
Deposited On:06 May 2010 10:01
Last Modified:27 May 2013 07:26

Repository Staff Only: item control page

Document Download Statistics

This item has been downloaded for since 06 May 2010 10:01.

View statistics for "Enhancement of Security Architecture for Smartcard Based Authentication Protocols"


Universiti Putra Malaysia Institutional Repository

Universiti Putra Malaysia Institutional Repository is an on-line digital archive that serves as a central collection and storage of scientific information and research at the Universiti Putra Malaysia.

Currently, the collections deposited in the IR consists of Master and PhD theses, Master and PhD Project Report, Journal Articles, Journal Bulletins, Conference Papers, UPM News, Newspaper Cuttings, Patents and Inaugural Lectures.

As the policy of the university does not permit users to view thesis in full text, access is only given to the first 24 pages only.