Skip to main content
SpringerLink
Log in

Robust Enterprise Application Security with eTRON Architecture

  • Conference paper
  • First Online:
Enterprise Security (ES 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10131))

Included in the following conference series:

Abstract

With information and communication technologies progressing at a rapid pace and becoming increasingly affordable, the use of various e-services is gaining prevalence at all sectors and levels of enterprises, including government, commerce, education and health. As modern-day enterprise services become progressively virtual in terms of content, storage and delivery, the need for robust of security and privacy pertaining to such services increases proportionally. Despite the plethora of enterprise-scale e-services in use today, there seems to be no general framework for developing those, especially with regard to ensuring security of such services. In this chapter, we present the eTRON architecture which aims at delineating a generic framework for developing secure e-services. At the core of the eTRON architecture lies the tamper-resistant eTRON chip which is equipped with functions for mutual authentication, encrypted communication and strong access control. Besides the security features, the eTRON architecture also offers a wide range of functionalities through a coherent set of API commands so that programmers can develop value-added services in a transparent manner. This chapter discusses various features of the eTRON architecture, and presents three representative eTRON-based e-services in order to evaluate its effectiveness by comparison with other existing e-services.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  • Anderson, R.: Why cryptosystems fail. Commun. ACM 37, 32–40 (1994)

    Article  Google Scholar 

  • Anderson, R., Kuhn, M.: Tamper resistance - a cautionary note. In: The Second USENIX Workshop on Electronic Commerce Proceedings, pp. 1–11 (1996)

    Google Scholar 

  • Bilabo-Osorio, B., Dutta, S., Lanvin, B.: Global information technology report 2013: growth and jobs in a hyperconnected world. In: World Economic Forum (2013)

    Google Scholar 

  • Harrington, A., Jensen, C.: Cryptographic access control in a distributed file system. In: Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies, pp. 158–165 (2003)

    Google Scholar 

  • Khan, M.F.F., et al.: A secure and flexible electronic-ticket system. In: Proceedings of 33rd Annual IEEE International Computer Software and Applications Conference, pp. 421–426 (2009)

    Google Scholar 

  • Khan, M.F.F., Sakamura, K.: Context-awareness: exploring the imperative shared context of security and ubiquitous computing. In: Proceedings of 14th International Conference on Information Integration and Web-Based Applications and Services, pp. 101–110 (2012)

    Google Scholar 

  • Koshizuka, N., Sakamura, K.: Ubiquitous ID: standards for ubiquitous computing and the internet of things. IEEE Pervasive Comput. 9(4), 98–101 (2010)

    Article  Google Scholar 

  • Krikke, J.: T-Engine: Japan’s ubiquitous computing architecture is ready for prime Time. IEEE Pervasive Comput. 4(2), 4–9 (2005)

    Article  Google Scholar 

  • Matsuyama, K., Fujimura, K.: Distributed digital-ticket management for rights trading system. In: Proceedings of ACM Conference on Electronic Commerce, pp. 110–118 (1999)

    Google Scholar 

  • Mayes, K.E.: An introduction to smart cards. In: Mayes, K.E., Markantonakis, K. (eds.) Smart Cards, Tokens Security and Applications. Springer Science+Business Media, LLC, New York (2008)

    Chapter  Google Scholar 

  • Payne, C.: A cryptographic access control architecture secure against privileged attackers. In: Proceedings of the 2007 ACM Workshop on Computer Security Architecture, pp. 70–76 (2007)

    Google Scholar 

  • Rankl, W.: Smart Card Applications: Design Models for Using and Programming Smart Cards, 3rd edn. Wiley, West Sussex (2007)

    Book  Google Scholar 

  • Sakamura, K.: Ubiquitous computing: making it a reality. ITU Telecom World 2003, 1–9 (2003)

    Google Scholar 

  • Sakamura, K., Koshizuka, N.: The eTRON wide-area distributed-system architecture for e-commerce. IEEE Micro 21(6), 7–12 (2001)

    Article  Google Scholar 

  • Sony Global Felica Website (2016). http://www.sony.net/Products/felica/index.html. Accessed 27 May 2016

  • Stankovic, J.A.: Research directions for the internet of things. IEEE Internet Things J. 1(1), 3–9 (2014)

    Article  Google Scholar 

  • T-Kernel Standard Extension (2016). http://www.tron.org/download/index.php?route=product/category&path=24. Accessed 27 May 2016

  • TRON FORUM (2016). http://www.tron.org/. Accessed 27 May 2016

  • Yap, L.F., et al.: SUCAS: smart-card-based secure user-centric attestation framework for location-based services. Int. J. Inf. Priv. Secur. Integr. 1(2), 160–183 (2012a)

    Google Scholar 

  • Yap, L.F., et al.: Secure consumer-oriented integrated services using activity-based attestation for converging online and in-store shopping experience. Int. J. Comput. Theory Eng. 4(2), 165–170 (2012b)

    Article  Google Scholar 

  • Yashiro, T., et al.: T-Kernel/SS: a secure filesystem with access control protection using tamper-resistant chip. In: Proceedings of 5th IEEE International Workshop on Security, Trust, and Privacy for Software Applications, pp. 134–139 (2010)

    Google Scholar 

  • Yashiro, T., et al.: eTNet: a smart card network architecture for flexible electronic commerce services. In: Proceedings of 4th IFIP International Conference on New Technologies, Mobility and Security, pp. 1–5 (2011)

    Google Scholar 

Download references

Acknowledgments

We cordially thank the YRP Ubiquitous Computing Laboratory for providing the eTRON hardware. The research reported in Sects. 3, 4 and 5 were carried out under the “Secure Ubiquitous Computing Platform” project supported by the Ministry of Education, Culture, Sports, Science and Technology (MEXT), Japan.

Author information

Authors and Affiliations

  1. Interfaculty Initiative in Information Studies, The University of Tokyo, Tokyo, Japan

    M. Fahim Ferdous Khan, Ken Sakamura & Noboru Koshizuka

  2. YRP Ubiquitous Networking Laboratory, Tokyo, Japan

    Ken Sakamura & Noboru Koshizuka

Authors
  1. M. Fahim Ferdous Khan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ken Sakamura
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Noboru Koshizuka
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to M. Fahim Ferdous Khan .

Editor information

Editors and Affiliations

  1. Xi’an Jiaotong-Liverpool University, Suzhou, China

    Victor Chang

  2. School of Computing, Creative Technologies, and Engineering, Leeds Beckett University, Leeds, United Kingdom

    Muthu Ramachandran

  3. University of Southampton , Southampton, United Kingdom

    Robert J. Walters

  4. Department of Electronics and Computer Science, University of Southampton, Southampton, United Kingdom

    Gary Wills

Appendix

Appendix

  1. 1.

    The following shows API specification from eTRON Client Library for creating a file.

  2. 2.

    The following shows API specification from eTRON Client Library for reading a file.

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Khan, M.F.F., Sakamura, K., Koshizuka, N. (2017). Robust Enterprise Application Security with eTRON Architecture. In: Chang, V., Ramachandran, M., Walters, R., Wills, G. (eds) Enterprise Security. ES 2015. Lecture Notes in Computer Science(), vol 10131. Springer, Cham. https://doi.org/10.1007/978-3-319-54380-2_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-54380-2_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-54379-6

  • Online ISBN: 978-3-319-54380-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation