Interfaces Verification Tool POS – Smart Card
4.1 Interfaces
In our e-purse system, the hardware and software interfaces look like those diagrams shown in Figure 19 and Figure 20, respectively. Figure 19 Hardware Interfaces. The terminal system consists of a personal computer which is connected with the Chip Drive via the USB port. Figure 20 Software Interfaces. The PCSC Personal Computer Smart Card, see [9] interfaces with the hardware. OCF Open Card Framework, see [10] provides a framework for inter- operable smart cards solutions used by the Terminal software. The Java applet running on the smart card uses the JCOP framework [11],[12]. IBM JCOP is an implementation of several open smart card standards like JavaCard™, GlobalPlatform and ISO 7816, 14443.4.3 Verification Tool
In order to verify that the communication protocols used in the interfaces are indeed secure, we use a verification tool. There are a number of verification tools that implement certain verification method, such as CasperFDR, Isabelle, and CSP [1], [5], [7] and [8]. In the implementation of our e-purse system, we use CasperFDR as the verification tool. This tool provides a simple mechanism for user to check the authentication and secrecy of a communication protocol. It uses a custom input language specially tailored for security protocol checking. Furthermore, it has successfully tested a wide range of security protocol.4.2 POS – Smart Card
For communication between the point of sales and the smart card, both sides need to be authenticated. In addition a secure session needs to be established over which messages can be sent. Iteration 0 In our first approach, we used the BKE Bilateral Key Exchange algorithm. The smart card represented by B and the POS terminal represented by A both have a public and private key pair PA, SA and PB,SB. The other party knows the public key. First, both parties authenticate and agree on a symmetric session key kab. This session key is used for the remaining communication. A Î B {na,A}{PB} A Í B {na,nb,B,kab}{PA} A Î B {nb}{kab} A Í B {OKNOK}{kab} With na, nb: Nonce; kab: session key, PL: public key of L; At this point both sides are authenticated, and a session key is available. We expected that we could use the session key without problems and verified this with Casper. A Î B {na,A}{PB} A Í B {na,nb,B, kab}{PA} A Î B {nb}{kab} A Í B {OKNOK}{kab} A Î B {m1}{kab} A Í B {m2}{kab} With na, nb: Nonce; kab: session key, PL: public key of L; m1,m2: message The message contains the function with arguments to execute, e.g. “Add25” The Casper analysis showed that a man in the middle could reuse messages that were sent encrypted with the session key. Iteration 1 To prevent this, we decided to send a sequence number along with the sent messages. In this way, reuse of sent messages can be detected. There are seemed to be an obvious way to model this in Casper. This is probably due to the possibility of infinity of the sequence numbers so it is hard for Casper to check the state space. As the solution, we modelled each sequence number as a different type. This time, no problems were found in addition, we modified the algorithm, so session keys are generated on the terminal side which is expected to have more computational power. A Î B {na,A,kab}{PB} A Í B {na,nb,B}{PA} A Î B {nb}{kab} A Í B {OKNOK}{kab} A Î B {message,0}{kab} A Í B {response,1}{kab} A Î B {message,2}{kab} Information and Communication Technology Seminar, Vol. 1 No. 1, August 2005 ISSN 1858-1633 2005 ICTS 48 A Í B {response,3}{kab} … … With na, nb: Nonce; kab: session key, PL: public key of L; message,response: message4.4 Environment - POS
Parts
» INTRODUCTION ICTS2005 The Proceeding
» Opening Fundamental Operations of Mathematical Morphology
» Morphological filter Filter theorem
» Granulometry and size distribution
» PGPC texture model and estimation of the optimal structuring element: The PGPC
» CONCLUSIONS ICTS2005 The Proceeding
» Non-ergodicity parameters RESULTS AND DISCUSSIONS 1 Partial structure factors and
» SIMULATIONS CONCLUSION ICTS2005 The Proceeding
» IMAGE RECONSTRUCTION SYSTEM DESIGN
» RESULT CONCLUSION ICTS2005 The Proceeding
» MULTI-RESOLUTION HISTOGRAM TECHNIQUE DATA
» VALIDATION STRATEGY RESULTS AND DISCUSSION
» CONCLUSION ICTS2005 The Proceeding
» INTRODUCTION DISTILATION COLUMN AND ARTIFICIAL NEURAL NETWORK
» Using Temperature Correlation Using Flow Rate Correlation
» INTRODUCTION DETECTION OF SINGLE TREE FELLING WITH SOFT
» Supervised Fuzzy c-means Method
» Neural Network classification METHOD 1. Datasets
» Neural Network Classification Results
» Comparison of Classification Results
» DISCUSSIONS ICTS2005 The Proceeding
» CONCLUSION ACKNOWLEDGEMENT ICTS2005 The Proceeding
» Caching Access List BANDWIDTH MANAGEMENT IMPLEMENTATION
» Rate Limiting BANDWIDTH MANAGEMENT IMPLEMENTATION
» BANDWIDTH MANAGEMENT CONCEPTS RESULT
» The Architecture of UML Elements Model Element
» Diagram Element Editing SYSTEM ARCHITECTURE
» Server Application Architecture Undo
» INTRODUCTION IMPLEMENTATION TESTING ICTS2005 The Proceeding
» INTRODUCTION E-PURSE ICTS2005 The Proceeding
» Interfaces Verification Tool POS – Smart Card
» MULTI AGENT SYSTEM MAS A WEIGHTED-TREE SIMILARITY ALGORITHMS
» RESULTS ICTS2005 The Proceeding
» Facial Animation Morphing and Deformation Cross Dissolve
» Feature Morphing Mesh Morphing Text-to-Speech TTS Basic Block
» Text-to-Video Algorithm Text-To-Video Stake And Desain
» Suggestion CONCLUSION AND SUGGESTION 1 Conclusion
» The Concept SHARE-IT SYSTEM ARCHITECTURE
» SHARING SCENARIO CONCLUSION ICTS2005 The Proceeding
» The Bayesian Network Model and Modified Bayesian Optimization
» Designs and Implementation SCHEDULING MODEL AND IMPLEMENTATION
» Comparison Proposed Schedule with Real Schedule
» Face-to-Face Technique Long Distance Technique
» Scenario to motivate. Context_Selection Applikasi.
» INTRODUCTION ARCHITECTURE. CONCLUSION. ICTS2005 The Proceeding
» SUGGESTION ICTS2005 The Proceeding
» Data Flow Database Structure
» EXPERIMENTAL RESULT ICTS2005 The Proceeding
» Investment Stock Prototyping System Design
» Database Model Stock Valuation
» INTRODUCTION METHODOLOGY ICTS2005 The Proceeding
» Buffer Overrun Cryptography Random Numbers
» Anti-Tampering Error Handling Injection Flaws
» Encapsulate Field Restructuring Arrays
» Generating Secure Random Number Storing Deleting Passwords
» Smart Serialization Message Digest
» Convert Message with Private Key to Public Key
» INTRODUCTION CURRENT STATUS ICTS2005 The Proceeding
» INTRODUCTION PROPOSED SIMULATION MODEL
» PARALLELIZATION STRATEGY ICTS2005 The Proceeding
» EXPERIMENTS AND DISCUSSION CONCLUSION
» INTRODUCTION RESULTS AND DISCUSSION
» EXPERIMENTAL ICTS2005 The Proceeding
» RESULT AND DISCUSSION ICTS2005 The Proceeding
» Color segmentation SYSTEM CONFIGURATION
» FEATURE CHARACTERISTICS AND GENERAL RULE
» EXPERIMENTAL RESULT CONCLUSION ICTS2005 The Proceeding
» INTRODUCTION REVIEW OF LITERATURE
» Social Economics Impact. Restructuring Impact
» Manager Application Mobile Agent Generator MAG Mobile Agents MAs
» SNMP Table Polling SNMP Table Filtering
» BREAST CARCINOMA TUMOR ICTS2005 The Proceeding
» WATERSHED ALGORITHM METHODS ICTS2005 The Proceeding
» RESULT AND DISCUSION ICTS2005 The Proceeding
» FADED INFORMATION FIELD ARCHITECTURE
» ALGORITHMS TO CHOOSE NODES TO CREATE THE FADED
» SYSTEM SIMULATIONS ICTS2005 The Proceeding
» Model and Teory MODEL, TEORY, DESIGN, IMPLEMENTATION AND
» INTRODUCTION ANALYSIS AND RESULT
» INTRODUCTION A SIMPLE MODEL OF THE QUEUING SYSTEM
» SIMULATION RESULTS DISCUSSION ICTS2005 The Proceeding
» CONCLUSION INTRODUCTION ICTS2005 The Proceeding
» Dialog Processing ADDING NONVERBAL BEHAVIOUR
» Emotion Expression Experiment ADDING NONVERBAL BEHAVIOUR
» NATURAL LANGUAGE PROCESSING EMOTION REASONING
» Fuzzy Logic Control FLC System Planning
» Digital To Analog Converter DAC Motor Driver Position Sensor Display Unit
» INTRODUCTION CONCLUSION ICTS2005 The Proceeding
» Variable-Centered Rule Structure VARIABLE-CENTERED INTELLIGENT RULE SYSTEM
» Knowledge Refinement VARIABLE-CENTERED INTELLIGENT RULE SYSTEM
» Knowledge Building VARIABLE-CENTERED INTELLIGENT RULE SYSTEM
» Knowledge Inferencing VARIABLE-CENTERED INTELLIGENT RULE SYSTEM
» INTRODUCTION BASIC CONCEPTS OF FUZZY SETS
» Calculation of the Fitness Degree
» ESTIMATING MULTIPLE NULL VALUES IN RELATIONAL
» Chen’s [6] Result This Improving Method’s Result
» The Fuzzy Set HISTOGRAM THRESHOLDING
» Fuzzy Set Similarity HISTOGRAM THRESHOLDING
» EXPERIMENTAL RESULTS ICTS2005 The Proceeding
Show more