Abstract
This paper presents a novel method that can be used to prevent online identity theft and thereby ensure secure online transactions. In particular, the method combats online identity theft mechanisms that capture information on the computer before the information is encrypted. The key feature of this method is the use of secure network smart cards to establish secure connections between the smart card and remote Internet nodes. Using this end-to-end secure connection, one can securely exchange confidential information between the smart card and a trusted remote server. Any intermediate node, including the host computer to which the smart card is connected, cannot compromise this secure connection.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Federal Trade Commission :Federal Trade Commission Identity Theft Survey Report , p. 7 (September 2003), http://www.ftc.gov/os/2003/09/synovatereport.pdf
Jesdanun, A.: Thief captures every keystroke to access accounts. Seattle Post (July 2003), http://seattlepi.nwsource.com/national/131961_snoop23.html
Poulsen, K.: Guilty Plea in Kinko’s Keystroke Caper. SecurityFocus ,July 18 (2003), http://www.securityfocus.com/printable/news/6447
Jurgensen, T.M., Guthery, S.B.: Smart Cards. Pearson Education, Inc, London (2002)
Kerberos: The Network Authentication Protocol , http://web.mit.edu/kerberos/www/
Microsoft.Net Passport, Microsoft Corporation, http://www.passport.net/
Liberty Alliance Project, Liberty Alliance Consortium, http://www.projectliberty.org/
Kormann, D.P., Rubin, A.D.: Risks of the Passport Single Sign-on Protocol. Computer Networks 33, 51–58 (2000)
Urien, P.: Internet card, a smart card as a true Internet node. Computer Communication 23, 1655–1666 (2000)
Rees, J., Honeyman, P.: Webcard: a Java Card Web Server. Univ. of Michigan, http://www.citi.umich.edu/projects/smartcard/webcard/citi-tr-99-3.html
Guthery, S., Kehr, R., Posegga, J.: How to Turn a GSM SIM into a Web Server, http://www.scdk.com/websim.pdf
Montgomery, M., Ali, A.M., Lu, H.K.: Secure Network Card – Implementation of a Standard Network Stack in a Smart Card. In: Six Smart Card Research and Advanced Application IFIP Conference, France (August 2004)
Giesecke, Devrien: Internet Smart Card , http://cebit.gi-de.com/eng/main/cebit-special/4_7_N.php4
Muller, C., Deschamps, E.: Smart Cards as First-Class Network Citizens, http://www.gemplus.com/smart/r_d/publications/pdf/MD02gdcc.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lu, H.K., Ali, A. (2004). Prevent Online Identity Theft – Using Network Smart Cards for Secure Online Transactions. In: Zhang, K., Zheng, Y. (eds) Information Security. ISC 2004. Lecture Notes in Computer Science, vol 3225. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30144-8_29
Download citation
DOI: https://doi.org/10.1007/978-3-540-30144-8_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23208-7
Online ISBN: 978-3-540-30144-8
eBook Packages: Springer Book Archive