UPM Institutional Repository

Enhancement of Security Architecture for Smartcard Based Authentication Protocols


Citation

Mohammed, Lawan Ahmed (2004) Enhancement of Security Architecture for Smartcard Based Authentication Protocols. Doctoral thesis, Universiti Putra Malaysia.

Abstract

Currently computer systems and software used by the average user offer less security due to rapid growth of vulnerability techniques. This dissertation presents an approach to increase the level of security provided to users when interacting with otherwise unsafe applications and computing systems. It provides a general framework for constructing and analyzing authentication protocols in realistic models of communication networks. This framework provides a sound formalization for the authentication problem and suggests simple and attractive design principles for general authentication protocols. The general approach uses trusted devices (specifically smartcards) to provide an area of secure processing and storage. The key element in this approach is a modular treatment of the authentication problem in cryptographic protocols; this applies to the definition of security, to the design of the protocols, and to their analysis. The definitions are drawn from previous ideas and formalizations and incorporate several aspects that were previously overlooked. To identify the best cryptographic algorithm suitable for smartcard applications, the dissertation also investigates the implementation of Elliptic Curve encryption techniques and presents performance comparisons based on similar techniques. The findings discovered that the proposed Elliptic Curve Cryptograpluc (ECC) method provides greater efficiency than similar method in terms of computational speed. Specifically, several aspects of authentication protocols were studied, and new definitions of this problem were presented in various settings depending on the underlying network. Further, the thesis shows how to systematically transform solutions that work in a model of idealized authenticated communications into solutions that are secure in the realistic setting of wired communication channels such as access control, and online transactions involving contact communication schemes. As with all software development, good design and engineering practices are important for software quality. Rather than thinking of security as an add-on feature to software systems, security should be designed into the system from the earliest stages of requirements gathering through development, testing, integration, and deployment. In view of this, a new approach for dealing with this problem in an object-oriented approach is presented. Some practical illustrations were analyzed based on the Unified Modeling Language (UML) as it applies to modeling authentication/access control schemes in online transactions. In particular, important issues such as how smartcard applications can be modeled using UML techniques and how UML can be used to sketch the operations for implementing a secure access using smartcard has been addressed.


Download File

[img] Text
FK_2004_47 IR.pdf

Download (1MB)

Additional Metadata

Item Type: Thesis (Doctoral)
Subject: Smart cards - Authentication - Case studies
Call Number: FK 2004 47
Chairman Supervisor: Associate Professor Haji Dr. Abdul Rahman Ramli, PhD
Divisions: Faculty of Engineering
Depositing User: Nur Izyan Mohd Zaki
Date Deposited: 06 May 2010 10:01
Last Modified: 10 Feb 2022 01:52
URI: http://psasir.upm.edu.my/id/eprint/5939
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item