Abstract
Significant increase in the use of smart cards in diverse set of real-time applications has lead to the proliferation of number of attack scenarios including physical and logical attacks. Since the security of smart card based systems and applications depends upon the security of smart cards being a key element of communication, it provokes researchers from enterprises and academia to come forward and to exchange their ideas to ensure security of these systems. To authenticate different users in different application scenarios requires the development of security policies that can effectively satisfy the heterogeneous security requirements. In this paper, we propose a contextual security policy generation model for applications involving authentication using smart cards. The paper illuminates the factors that are crucial in determining a dynamic set of security policies. We also implement our model on Access Control Policy Testing (ACPT) tool in order to test and verify its correctness.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Favier, F.: Smart cards and healthcare. Card Technol. Today 19(11–12), 10 (2007)
Pelletier, M.P., Trépanier, M., Morency, C.: Smart card data use in public transit: a literature review. Transp. Res. Part C: Emerg. Technol. 19(4), 557–568 (2011)
Markantonakis, K., Main, D.: Smart cards for banking and finance. In: Mayes, K., Markantonakis, K. (eds.) Smart Cards, Tokens, Security and Applications, pp. 129–153. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-50500-8_5
Rankl, W., Effing, W.: Smart Card Handbook, 3rd edn. Wiley, Hoboken (2004)
Arora, S.: National e-ID card schemes: a European overview. Inf. Secur. Tech. Rep. 13(2), 46–53 (2008)
Mayes, K.: An introduction to smart cards. In: Mayes, K., Markantonakis, K. (eds.) Smart Cards, Tokens, Security and Applications, pp. 1–29. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-50500-8_1
2014–2018 Global Card Market Trends & Forecasts The Next 5 Years. https://icma.com/wp-content/uploads/2015/04/Al_V6-2014-2018-Trends-Forecasts.pdf. Accessed 11 Feb 2018
Sharp, C.B., et al.: U.S. Patent No. 9,098,714. U.S. Patent and Trademark Office, Washington, DC (2015)
Belanche-Gracia, D., Casaló-Ariño, L.V., Pérez-Rueda, A.: Determinants of multi-service smartcard success for smart cities development: a study based on citizens’ privacy and security perceptions. Gov. Inf. Q. 32(2), 154–163 (2015)
Peltier, T.R.: Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management. CRC Press, Boca Raton (2016)
Celdrán, A.H., Clemente, F.J.G., Pérez, M.G., Pérez, G.M.: SeCoMan: a semantic-aware policy framework for developing privacy-preserving and context-aware smart applications. IEEE Syst. J. 10(3), 1111–1124 (2016)
Guccione, L.J., Meyerstein, M.V., Cha, I., Schmidt, A., Leicher, A., Shah, Y.C.: U.S. Patent No. 9,363,676. U.S. Patent and Trademark Office, Washington, DC (2016)
Narasinghanallur, J., Ho, M.H., Keefe, T., Sedlar, E., Chui, C.C., Pesati, V.: U.S. Patent No. 9,886,590. U.S. Patent and Trademark Office, Washington, DC (2018)
Wahe, S., Petersen, G.: Open Enterprise Security Architecture (O-ESA): A Framework and Template for Policy-Driven Security. Van Haren Publishing, Zaltbommel (2011)
Castiglione, A., D’Arco, P., De Santis, A., Russo, R.: Secure group communication schemes for dynamic heterogeneous distributed computing. Future Gener. Comput. Syst. 74, 313–324 (2017)
NIST-Compter Security Resource Center. https://csrc.nist.gov/Projects/Access-Control-Policy-Tool. Accessed 25 Jan 2018
Hwang, J., Xie, T., Hu, V., Altunay, M.: ACPT: a tool for modeling and verifying access control policies. In: 2010 IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY), pp. 40–43. IEEE (2010)
Castiglione, A., De Santis, A., Masucci, B., Palmieri, F., Huang, X., Castiglione, A.: Supporting dynamic updates in storage clouds with the Akl-Taylor scheme. Inf. Sci. 387, 56–74 (2017)
Castiglione, A., De Santis, A., Masucci, B., Palmieri, F., Castiglione, A., Huang, X.: Cryptographic hierarchical access control for dynamic structures. IEEE Trans. Inf. Forensics Secur. 11(10), 2349–2364 (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Gupta, B.B., Quamara, M. (2018). A Dynamic Security Policies Generation Model for Access Control in Smart Card Based Applications. In: Castiglione, A., Pop, F., Ficco, M., Palmieri, F. (eds) Cyberspace Safety and Security. CSS 2018. Lecture Notes in Computer Science(), vol 11161. Springer, Cham. https://doi.org/10.1007/978-3-030-01689-0_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-01689-0_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-01688-3
Online ISBN: 978-3-030-01689-0
eBook Packages: Computer ScienceComputer Science (R0)