• norsk
    • English
  • English 
    • norsk
    • English
  • Login
View Item 
  •   Home
  • Faculty of Mathematics and Natural Sciences
  • Department of Informatics
  • Department of Informatics
  • View Item
  •   Home
  • Faculty of Mathematics and Natural Sciences
  • Department of Informatics
  • Department of Informatics
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Using Smart Cards to Mitigate Security Threats on Mobile Devices

Sivertsgård, Henrik Mathisen
Master thesis
Thumbnail
View/Open
144798784.pdf (3.819Mb)
URI
https://hdl.handle.net/1956/12614
Date
2016-05-31
Metadata
Show full item record
Collections
  • Department of Informatics [541]
Abstract
This master thesis developed and tested the idea that smart cards are able to help mitigate security threats on mobile devices that are handling sensitive data. Investigating the limitations of smart cards is a fundamental part of the idea and we performed in-depth testing and analysis of what smart cards are capable of. Our study shows that smart cards are limited by their low processing power, low amount of memory and a severely lacking application programming language. These limitations affect smart cards usefulness concerning cryptography and data processing. Additionally, lack of standard support for smart cards in modern mobile operating systems is a limitation we investigate and propose solutions for. Despite these limitations, smart cards can still be a useful asset as they offer a secure execution environment and are tamper resistant. Viable use cases include secure key generation, management and storage, digital signing, encryption, strong authentication and the possibility to run small specialized applets securely. More complex use cases are also possible, but require additional external components and infrastructure to be realized. For instance, a smart card could be used as a simple policy enforcement point, given that we had a trusted third party available, and a functioning public key infrastructure in place. We were able to construct an Android library and a smart card applet for secure communication, but there still remains research on the topic. Not all functionality were implemented due to time constraints and technical issues, but the framework foundations are in place so that extensions can be quickly and easily implemented. Future work may include full scale testing of our framework, additional development and testing on more technological advanced smart cards.
Publisher
The University of Bergen
Copyright
Copyright the Author. All rights reserved

Contact Us | Send Feedback

Privacy policy
DSpace software copyright © 2002-2019  DuraSpace

Service from  Unit
 

 

Browse

ArchiveCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsDocument TypesJournalsThis CollectionBy Issue DateAuthorsTitlesSubjectsDocument TypesJournals

My Account

Login

Statistics

View Usage Statistics

Contact Us | Send Feedback

Privacy policy
DSpace software copyright © 2002-2019  DuraSpace

Service from  Unit