Authenticating Mandatory Access Controls and Preserving Privacy for a High-Assurance Smart Card View Full Text


Ontology type: schema:Chapter     


Chapter Info

DATE

2003

AUTHORS

Helmut Scherzer , Ran Canetti , Paul A. Karger , Hugo Krawczyk , Tal Rabin , David C. Toll

ABSTRACT

This paper presents an authentication protocol for high-assurance smart card operating systems that support download of mutually suspicious applications. Such a protocol is required to be part of the operating system, rather than the traditional smart card approach of allowing applications to do authentication, because strong authentication is essential for the operating system to protect one application from another. The protocol itself is based on the existing IKE protocol [13], used for authentication in IPSEC. What is new is the integration of an IKE-like protocol with authentication of mandatory secrecy and integrity access controls, the recognition that a single PKI-hierarchy cannot certify identity and all possible mandatory access rights, and the use of IKE to resolve privacy problems found in existing smart card authentication protocols. More... »

PAGES

181-200

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-540-39650-5_11

DOI

http://dx.doi.org/10.1007/978-3-540-39650-5_11

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1053479282


Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0803", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Computer Software", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "IBM Deutschland GmbH, Secure Systems and Smart Cards, Sch\u00f6naicher Str. 220, D-71032, B\u00f6blingen, Germany", 
          "id": "http://www.grid.ac/institutes/grid.424815.e", 
          "name": [
            "IBM Deutschland GmbH, Secure Systems and Smart Cards, Sch\u00f6naicher Str. 220, D-71032, B\u00f6blingen, Germany"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Scherzer", 
        "givenName": "Helmut", 
        "id": "sg:person.010113467435.96", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010113467435.96"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "IBM Research Division, T. J. Watson Research Center, PO Box 704, 10598, Yorktown Heights, NY, USA", 
          "id": "http://www.grid.ac/institutes/grid.481554.9", 
          "name": [
            "IBM Research Division, T. J. Watson Research Center, PO Box 704, 10598, Yorktown Heights, NY, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Canetti", 
        "givenName": "Ran", 
        "id": "sg:person.012320111457.74", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012320111457.74"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "IBM Research Division, T. J. Watson Research Center, PO Box 704, 10598, Yorktown Heights, NY, USA", 
          "id": "http://www.grid.ac/institutes/grid.481554.9", 
          "name": [
            "IBM Research Division, T. J. Watson Research Center, PO Box 704, 10598, Yorktown Heights, NY, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Karger", 
        "givenName": "Paul A.", 
        "id": "sg:person.015233273445.15", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015233273445.15"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Department of Electrical Engineering, Technion, 32000, Haifa, Israel", 
          "id": "http://www.grid.ac/institutes/grid.6451.6", 
          "name": [
            "IBM Research Division, T. J. Watson Research Center, PO Box 704, 10598, Yorktown Heights, NY, USA", 
            "Department of Electrical Engineering, Technion, 32000, Haifa, Israel"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Krawczyk", 
        "givenName": "Hugo", 
        "id": "sg:person.013004021661.30", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013004021661.30"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "IBM Research Division, T. J. Watson Research Center, PO Box 704, 10598, Yorktown Heights, NY, USA", 
          "id": "http://www.grid.ac/institutes/grid.481554.9", 
          "name": [
            "IBM Research Division, T. J. Watson Research Center, PO Box 704, 10598, Yorktown Heights, NY, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Rabin", 
        "givenName": "Tal", 
        "id": "sg:person.015473523512.58", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015473523512.58"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "IBM Research Division, T. J. Watson Research Center, PO Box 704, 10598, Yorktown Heights, NY, USA", 
          "id": "http://www.grid.ac/institutes/grid.481554.9", 
          "name": [
            "IBM Research Division, T. J. Watson Research Center, PO Box 704, 10598, Yorktown Heights, NY, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Toll", 
        "givenName": "David C.", 
        "id": "sg:person.012150641467.91", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012150641467.91"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2003", 
    "datePublishedReg": "2003-01-01", 
    "description": "This paper presents an authentication protocol for high-assurance smart card operating systems that support download of mutually suspicious applications. Such a protocol is required to be part of the operating system, rather than the traditional smart card approach of allowing applications to do authentication, because strong authentication is essential for the operating system to protect one application from another. The protocol itself is based on the existing IKE protocol [13], used for authentication in IPSEC. What is new is the integration of an IKE-like protocol with authentication of mandatory secrecy and integrity access controls, the recognition that a single PKI-hierarchy cannot certify identity and all possible mandatory access rights, and the use of IKE to resolve privacy problems found in existing smart card authentication protocols.", 
    "editor": [
      {
        "familyName": "Snekkenes", 
        "givenName": "Einar", 
        "type": "Person"
      }, 
      {
        "familyName": "Gollmann", 
        "givenName": "Dieter", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-540-39650-5_11", 
    "inLanguage": "en", 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-540-20300-1", 
        "978-3-540-39650-5"
      ], 
      "name": "Computer Security \u2013 ESORICS 2003", 
      "type": "Book"
    }, 
    "keywords": [
      "authentication protocol", 
      "access control", 
      "smart cards", 
      "operating system", 
      "mandatory access control", 
      "strong authentication", 
      "suspicious applications", 
      "privacy problems", 
      "IKE protocol", 
      "access rights", 
      "authentication", 
      "card approach", 
      "cards", 
      "IPsec", 
      "protocol", 
      "privacy", 
      "applications", 
      "download", 
      "system", 
      "secrecy", 
      "recognition", 
      "integration", 
      "Ike", 
      "control", 
      "use", 
      "part", 
      "identity", 
      "rights", 
      "problem", 
      "approach", 
      "paper"
    ], 
    "name": "Authenticating Mandatory Access Controls and Preserving Privacy for a High-Assurance Smart Card", 
    "pagination": "181-200", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1053479282"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-540-39650-5_11"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-540-39650-5_11", 
      "https://app.dimensions.ai/details/publication/pub.1053479282"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-20T07:42", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220519/entities/gbq_results/chapter/chapter_172.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-540-39650-5_11"
  }
]
 

Download the RDF metadata as:  json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-540-39650-5_11'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-540-39650-5_11'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-540-39650-5_11'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-540-39650-5_11'


 

This table displays all metadata directly associated to this object as RDF triples.

142 TRIPLES      23 PREDICATES      58 URIs      50 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-540-39650-5_11 schema:about anzsrc-for:08
2 anzsrc-for:0803
3 anzsrc-for:0804
4 schema:author N7e899ec0eb1a404da9fc55b7d95f590d
5 schema:datePublished 2003
6 schema:datePublishedReg 2003-01-01
7 schema:description This paper presents an authentication protocol for high-assurance smart card operating systems that support download of mutually suspicious applications. Such a protocol is required to be part of the operating system, rather than the traditional smart card approach of allowing applications to do authentication, because strong authentication is essential for the operating system to protect one application from another. The protocol itself is based on the existing IKE protocol [13], used for authentication in IPSEC. What is new is the integration of an IKE-like protocol with authentication of mandatory secrecy and integrity access controls, the recognition that a single PKI-hierarchy cannot certify identity and all possible mandatory access rights, and the use of IKE to resolve privacy problems found in existing smart card authentication protocols.
8 schema:editor Nf293facec4c747aa96ef411a61386d61
9 schema:genre chapter
10 schema:inLanguage en
11 schema:isAccessibleForFree false
12 schema:isPartOf Ne3a8f9a0cc2748f68c9c41fa3d17735a
13 schema:keywords IKE protocol
14 IPsec
15 Ike
16 access control
17 access rights
18 applications
19 approach
20 authentication
21 authentication protocol
22 card approach
23 cards
24 control
25 download
26 identity
27 integration
28 mandatory access control
29 operating system
30 paper
31 part
32 privacy
33 privacy problems
34 problem
35 protocol
36 recognition
37 rights
38 secrecy
39 smart cards
40 strong authentication
41 suspicious applications
42 system
43 use
44 schema:name Authenticating Mandatory Access Controls and Preserving Privacy for a High-Assurance Smart Card
45 schema:pagination 181-200
46 schema:productId N44fd069127c64da79456a8d9bdb5b67d
47 Nd02a8b5405f04116b43ae5bb6348ce83
48 schema:publisher N428e9a2911ec48b58c1ea4222e9e1f57
49 schema:sameAs https://app.dimensions.ai/details/publication/pub.1053479282
50 https://doi.org/10.1007/978-3-540-39650-5_11
51 schema:sdDatePublished 2022-05-20T07:42
52 schema:sdLicense https://scigraph.springernature.com/explorer/license/
53 schema:sdPublisher Na45ca9b84c354a868882c77948bf2e66
54 schema:url https://doi.org/10.1007/978-3-540-39650-5_11
55 sgo:license sg:explorer/license/
56 sgo:sdDataset chapters
57 rdf:type schema:Chapter
58 N424592d112374cd7905636491f822095 rdf:first sg:person.015233273445.15
59 rdf:rest Nbd897f8250674c038a8b208bbe380227
60 N428e9a2911ec48b58c1ea4222e9e1f57 schema:name Springer Nature
61 rdf:type schema:Organisation
62 N44fd069127c64da79456a8d9bdb5b67d schema:name doi
63 schema:value 10.1007/978-3-540-39650-5_11
64 rdf:type schema:PropertyValue
65 N7e899ec0eb1a404da9fc55b7d95f590d rdf:first sg:person.010113467435.96
66 rdf:rest Nf1c6c538cd9340408f36bbf3089b0255
67 Na45ca9b84c354a868882c77948bf2e66 schema:name Springer Nature - SN SciGraph project
68 rdf:type schema:Organization
69 Na7dc352d98a04636bdc460a66cc3864b rdf:first sg:person.015473523512.58
70 rdf:rest Nd68f03139c32482c88b5b975d5a8927f
71 Nbd897f8250674c038a8b208bbe380227 rdf:first sg:person.013004021661.30
72 rdf:rest Na7dc352d98a04636bdc460a66cc3864b
73 Nc00556f380e845009c4661ca1c870f64 schema:familyName Snekkenes
74 schema:givenName Einar
75 rdf:type schema:Person
76 Nceaaa799e0ad42b9a2908d9c721a3dc6 rdf:first Nd97c1bc3a79843f7b4f7fa601cc118ab
77 rdf:rest rdf:nil
78 Nd02a8b5405f04116b43ae5bb6348ce83 schema:name dimensions_id
79 schema:value pub.1053479282
80 rdf:type schema:PropertyValue
81 Nd68f03139c32482c88b5b975d5a8927f rdf:first sg:person.012150641467.91
82 rdf:rest rdf:nil
83 Nd97c1bc3a79843f7b4f7fa601cc118ab schema:familyName Gollmann
84 schema:givenName Dieter
85 rdf:type schema:Person
86 Ne3a8f9a0cc2748f68c9c41fa3d17735a schema:isbn 978-3-540-20300-1
87 978-3-540-39650-5
88 schema:name Computer Security – ESORICS 2003
89 rdf:type schema:Book
90 Nf1c6c538cd9340408f36bbf3089b0255 rdf:first sg:person.012320111457.74
91 rdf:rest N424592d112374cd7905636491f822095
92 Nf293facec4c747aa96ef411a61386d61 rdf:first Nc00556f380e845009c4661ca1c870f64
93 rdf:rest Nceaaa799e0ad42b9a2908d9c721a3dc6
94 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
95 schema:name Information and Computing Sciences
96 rdf:type schema:DefinedTerm
97 anzsrc-for:0803 schema:inDefinedTermSet anzsrc-for:
98 schema:name Computer Software
99 rdf:type schema:DefinedTerm
100 anzsrc-for:0804 schema:inDefinedTermSet anzsrc-for:
101 schema:name Data Format
102 rdf:type schema:DefinedTerm
103 sg:person.010113467435.96 schema:affiliation grid-institutes:grid.424815.e
104 schema:familyName Scherzer
105 schema:givenName Helmut
106 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010113467435.96
107 rdf:type schema:Person
108 sg:person.012150641467.91 schema:affiliation grid-institutes:grid.481554.9
109 schema:familyName Toll
110 schema:givenName David C.
111 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012150641467.91
112 rdf:type schema:Person
113 sg:person.012320111457.74 schema:affiliation grid-institutes:grid.481554.9
114 schema:familyName Canetti
115 schema:givenName Ran
116 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012320111457.74
117 rdf:type schema:Person
118 sg:person.013004021661.30 schema:affiliation grid-institutes:grid.6451.6
119 schema:familyName Krawczyk
120 schema:givenName Hugo
121 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013004021661.30
122 rdf:type schema:Person
123 sg:person.015233273445.15 schema:affiliation grid-institutes:grid.481554.9
124 schema:familyName Karger
125 schema:givenName Paul A.
126 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015233273445.15
127 rdf:type schema:Person
128 sg:person.015473523512.58 schema:affiliation grid-institutes:grid.481554.9
129 schema:familyName Rabin
130 schema:givenName Tal
131 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015473523512.58
132 rdf:type schema:Person
133 grid-institutes:grid.424815.e schema:alternateName IBM Deutschland GmbH, Secure Systems and Smart Cards, Schönaicher Str. 220, D-71032, Böblingen, Germany
134 schema:name IBM Deutschland GmbH, Secure Systems and Smart Cards, Schönaicher Str. 220, D-71032, Böblingen, Germany
135 rdf:type schema:Organization
136 grid-institutes:grid.481554.9 schema:alternateName IBM Research Division, T. J. Watson Research Center, PO Box 704, 10598, Yorktown Heights, NY, USA
137 schema:name IBM Research Division, T. J. Watson Research Center, PO Box 704, 10598, Yorktown Heights, NY, USA
138 rdf:type schema:Organization
139 grid-institutes:grid.6451.6 schema:alternateName Department of Electrical Engineering, Technion, 32000, Haifa, Israel
140 schema:name Department of Electrical Engineering, Technion, 32000, Haifa, Israel
141 IBM Research Division, T. J. Watson Research Center, PO Box 704, 10598, Yorktown Heights, NY, USA
142 rdf:type schema:Organization
 




Preview window. Press ESC to close (or click here)


...