Enhancement of Security Architecture for Smartcard Based Authentication Protocols
Currently computer systems and software used by the average user offer less security due to rapid growth of vulnerability techniques. This dissertation presents an approach to increase the level of security provided to users when interacting with otherwise unsafe applications and computing system...
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2004
|
| Subjects: | |
| Online Access: | http://psasir.upm.edu.my/id/eprint/5939/ http://psasir.upm.edu.my/id/eprint/5939/1/FK_2004_47%20IR.pdf |
| _version_ | 1848840237824868352 |
|---|---|
| author | Mohammed, Lawan Ahmed |
| author_facet | Mohammed, Lawan Ahmed |
| author_sort | Mohammed, Lawan Ahmed |
| building | UPM Institutional Repository |
| collection | Online Access |
| description | Currently computer systems and software used by the average user offer less
security due to rapid growth of vulnerability techniques. This dissertation
presents an approach to increase the level of security provided to users when
interacting with otherwise unsafe applications and computing systems. It
provides a general framework for constructing and analyzing authentication
protocols in realistic models of communication networks. This framework
provides a sound formalization for the authentication problem and suggests
simple and attractive design principles for general authentication protocols. The
general approach uses trusted devices (specifically smartcards) to provide an area of secure processing and storage. The key element in this approach is a
modular treatment of the authentication problem in cryptographic protocols; this
applies to the definition of security, to the design of the protocols, and to their
analysis. The definitions are drawn from previous ideas and formalizations and
incorporate several aspects that were previously overlooked. To identify the best
cryptographic algorithm suitable for smartcard applications, the dissertation also
investigates the implementation of Elliptic Curve encryption techniques and
presents performance comparisons based on similar techniques. The findings
discovered that the proposed Elliptic Curve Cryptograpluc (ECC) method
provides greater efficiency than similar method in terms of computational speed.
Specifically, several aspects of authentication protocols were studied, and new
definitions of this problem were presented in various settings depending on the
underlying network. Further, the thesis shows how to systematically transform
solutions that work in a model of idealized authenticated communications into
solutions that are secure in the realistic setting of wired communication channels
such as access control, and online transactions involving contact communication
schemes.
As with all software development, good design and engineering practices are
important for software quality. Rather than thinking of security as an add-on feature to software systems, security should be designed into the system from the
earliest stages of requirements gathering through development, testing,
integration, and deployment. In view of this, a new approach for dealing with
this problem in an object-oriented approach is presented. Some practical
illustrations were analyzed based on the Unified Modeling Language (UML) as it
applies to modeling authentication/access control schemes in online
transactions. In particular, important issues such as how smartcard applications
can be modeled using UML techniques and how UML can be used to sketch the
operations for implementing a secure access using smartcard has been
addressed. |
| first_indexed | 2025-11-15T07:24:09Z |
| format | Thesis |
| id | upm-5939 |
| institution | Universiti Putra Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T07:24:09Z |
| publishDate | 2004 |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | upm-59392022-02-10T01:52:11Z http://psasir.upm.edu.my/id/eprint/5939/ Enhancement of Security Architecture for Smartcard Based Authentication Protocols Mohammed, Lawan Ahmed Currently computer systems and software used by the average user offer less security due to rapid growth of vulnerability techniques. This dissertation presents an approach to increase the level of security provided to users when interacting with otherwise unsafe applications and computing systems. It provides a general framework for constructing and analyzing authentication protocols in realistic models of communication networks. This framework provides a sound formalization for the authentication problem and suggests simple and attractive design principles for general authentication protocols. The general approach uses trusted devices (specifically smartcards) to provide an area of secure processing and storage. The key element in this approach is a modular treatment of the authentication problem in cryptographic protocols; this applies to the definition of security, to the design of the protocols, and to their analysis. The definitions are drawn from previous ideas and formalizations and incorporate several aspects that were previously overlooked. To identify the best cryptographic algorithm suitable for smartcard applications, the dissertation also investigates the implementation of Elliptic Curve encryption techniques and presents performance comparisons based on similar techniques. The findings discovered that the proposed Elliptic Curve Cryptograpluc (ECC) method provides greater efficiency than similar method in terms of computational speed. Specifically, several aspects of authentication protocols were studied, and new definitions of this problem were presented in various settings depending on the underlying network. Further, the thesis shows how to systematically transform solutions that work in a model of idealized authenticated communications into solutions that are secure in the realistic setting of wired communication channels such as access control, and online transactions involving contact communication schemes. As with all software development, good design and engineering practices are important for software quality. Rather than thinking of security as an add-on feature to software systems, security should be designed into the system from the earliest stages of requirements gathering through development, testing, integration, and deployment. In view of this, a new approach for dealing with this problem in an object-oriented approach is presented. Some practical illustrations were analyzed based on the Unified Modeling Language (UML) as it applies to modeling authentication/access control schemes in online transactions. In particular, important issues such as how smartcard applications can be modeled using UML techniques and how UML can be used to sketch the operations for implementing a secure access using smartcard has been addressed. 2004-06 Thesis NonPeerReviewed text en http://psasir.upm.edu.my/id/eprint/5939/1/FK_2004_47%20IR.pdf Mohammed, Lawan Ahmed (2004) Enhancement of Security Architecture for Smartcard Based Authentication Protocols. Doctoral thesis, Universiti Putra Malaysia. Smart cards - Authentication - Case studies |
| spellingShingle | Smart cards - Authentication - Case studies Mohammed, Lawan Ahmed Enhancement of Security Architecture for Smartcard Based Authentication Protocols |
| title | Enhancement of Security Architecture for Smartcard Based Authentication Protocols |
| title_full | Enhancement of Security Architecture for Smartcard Based Authentication Protocols |
| title_fullStr | Enhancement of Security Architecture for Smartcard Based Authentication Protocols |
| title_full_unstemmed | Enhancement of Security Architecture for Smartcard Based Authentication Protocols |
| title_short | Enhancement of Security Architecture for Smartcard Based Authentication Protocols |
| title_sort | enhancement of security architecture for smartcard based authentication protocols |
| topic | Smart cards - Authentication - Case studies |
| url | http://psasir.upm.edu.my/id/eprint/5939/ http://psasir.upm.edu.my/id/eprint/5939/1/FK_2004_47%20IR.pdf |