Abstract
The establishment of the Internet of Things (IoT) is gathering pace. The “things” will be counted in their billions, however interoperability problems may compromise the interconnectivity aspect. Isolated “things” are common and often make use of proprietary communication and security protocols that have not been subject to public scrutiny. By contrast the World Wide Web has well established technology and protocols and so there is interest in the so-called Web of Things (WoT) that would allow the “things” to communicate using standard web protocols. However, with so many readily accessible nodes we considered that the WoT should be underpinned by attack/tamper-resistant security modules that are compatible with the WoT protocols. This paper considers the use of the Smart Card Web Server (SCWS) capability to practically secure the WoT. Finally, the use of a SCWS is extended to provide a means of secure, local Single Sign-On (SSO).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
For a more complicated solution there may be mutual authentication between the local server and the user’s browser through the exchange of certificates. We will not consider this option for this paper.
References
Ashton, K.: That ‘Internet of Things’ thing, June 2009. http://www.rfidjournal.com/articles/view?4986
Gartner: The Internet of Things enables digital business. http://www.gartner.com/technology/research/internet-of-things/
Atzori, L., Iera, A., Morabito, G.: The Internet of Things: a survey. Comput. Netw. 54(15), 2787–2805 (2010)
Duquennoy, S., Grimaud, G., Vandewalle, J.-J.: The web of things: interconnecting devices with high usability and performance. In: International Conference on Embedded Software and Systems, ICESS 2009, pp. 323–330. IEEE (2009)
Guinard, D., Trifa, V.: Towards the web of things: web mashups for embedded devices. In: Proceedings of Workshop on Mashups, Enterprise Mashups and Lightweight Composition on the Web (MEM 2009), WWW (International World Wide Web Conferences), Madrid, Spain, p. 15 (2009)
Guinard, D., Trifa, V., Wilde, E.: A resource oriented architecture for the web of things. In: Internet of Things (IOT 2010), pp. 1–8. IEEE (2010)
Uckelmann, D., Harrison, M., Michahelles, F.: Architecting the Internet of Things, chap. 5, pp. 97–129. Springer Science & Business Media, New York (2011)
Zeng, D., Guo, S., Cheng, Z.: The web of things: a survey. J. Commun. 6(6), 424–438 (2011)
Guinard, D., Trifa, V.M., Wilde, E.: Architecting a mashable open world wide web of things. ETH, Department of Computer Science (2010)
Trifa, V., Wieland, S., Guinard, D., Bohnert, T.M.: Design and implementation of a gateway for web-based interaction and management of embedded devices. In: DCOSS (2009)
Kovatsch, M., Weiss, M., Guinard, D.: Embedding internet technology for home automation. In: 2010 IEEE Conference on Emerging Technologies and Factory Automation (ETFA), pp. 1–8. IEEE (2010)
Ostermaier, B., Schlup, F., Romer, K.: Webplug: a framework for the web of things. In: 2010 8th IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), pp. 690–695. IEEE (2010)
Kyrillidis, L., Mayes, K., Chazalet, B., Markantonakis, K.: Card-present transactions on the internet using the smart card web server. In: 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 611–619. IEEE (2013)
OMA: Smartcard-Web-Server Approved Version 1.2.1 OMA-TS-Smartcard_Web_Server-V1_2_1-20130913-A, Open Mobile Alliance Std., 13 September 2013
ETSI TS 102 588 V9.1.0 (2011–01) Smart Cards; Application invocation Application Programming Interface (API) by a UICC webserver for Java Card platform; (Release 9), Std
Dierks, T.: The transport layer security (tls) protocol version 1.2 (2008)
ETSI TS 102 600 V7.2.0 (2008–06) Smart Cards; UICC-Terminal interface; Characteristics of the USB interface (Release 7), Std
OpenID. http://openid.net/
Facebook: Announcing facebook connect, May 2008. https://developers.facebook.com/blog/post/2008/05/09/announcing-facebook-connect/
Kerberos: The network authentication protocol. http://web.mit.edu/kerberos/
Microsoft. Microsoft kerberos. https://msdn.microsoft.com/en-us/library/windows/desktop/aa378747%28v=vs.85%29.aspx
Tracking the freak attack. https://freakattack.com/
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Kyrillidis, L., Cobourne, S., Mayes, K., Markantonakis, K. (2018). A Smart Card Web Server in the Web of Things. In: Bi, Y., Kapoor, S., Bhatia, R. (eds) Proceedings of SAI Intelligent Systems Conference (IntelliSys) 2016. IntelliSys 2016. Lecture Notes in Networks and Systems, vol 16. Springer, Cham. https://doi.org/10.1007/978-3-319-56991-8_55
Download citation
DOI: https://doi.org/10.1007/978-3-319-56991-8_55
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-56990-1
Online ISBN: 978-3-319-56991-8
eBook Packages: EngineeringEngineering (R0)