The ever-increasing computational power of smart cards has made them feasible for use in pervasive applications such as electronic passports, military and public sector identification cards and cell-phone based financial and entertainment applications. However, such applications require a secure environment, which can only be provided with sufficient hardware and a secure operating system. In this paper we argue that smart card platforms pose additional security challenges when compared to traditional computer platforms. We discuss our design for a secure smart card operating system, named Caernarvon, and show that it addresses these challenges, which include secure application download, protection of cryptographic functions from potentially malicious applications, resolution of covert channel issues, and assurance of both security and data integrity in the face of arbitrary power losses.
By: Paul A. Karger; David C. Toll; Elaine R. Palmer; Suzanne K. McIntosh; Samuel M. Weber
Published in: RC24687 in 2008
LIMITED DISTRIBUTION NOTICE:
This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.
Questions about this service can be mailed to reports@us.ibm.com .