This module will:
- introduce various applications that exploit smart cards/tokens.
- examine benefits, threats and attacks.
- consider systems for the development, manufacture and management of smart cards/tokens.
- review smart card standards and security evaluation methodologies.
- An introduction to smart cards
- Smart Cards Trusted Production Environment
- Introduction to IoT (Internet of Things)
- An Overview of Multi-Application Smart Card Operating Systems and Platforms
- Smart Cards for Secure Banking and Finance
- Applications & Security for Mobile Communications, USIM/SIM and Services
- ID Cards and Passports
- RFID/NFCs Explained
- Advances in Chipcard Technology
- Security For Video Broadcasting
- Evaluating Smart Card Security with the Common Criteria
- Security Attacks, Countermeasures and Testing for Smart Cards
- Application Development Environments for Multos
- Overview of Trusted Platform
- Introduction to TEE and Related Processors
If you complete the module successfully, you should be able to:
- identify constituent components, analyse strengths and weaknesses and identify new applications of smart cards.
- identify the steps in the manufacturing/personalisation processes, analyse and evaluate potential risks and compare security safeguards.
- identify and compare the systems in use, analyse the strengths and weaknesses and evaluate interoperability and security issues.
- analyse the range of capabilities of SIM/USIM cards and RFID tokens, and apply them to new service ideas, evaluate the possible range of services and security measures.
- understand the main standards and applications of smart cards for banking and finance, compare with earlier card solutions and analyse strengths and weaknesses of approaches.
- analyse the key role of the smart card for passports, IDs and satellite TV, evaluate the security measures that have protected past and current cards.
- identify and describe "new" technologies, including Trusted Platform Modules (TPMs), Trusted Execution Environments (TEE), Host Card Emulation (HCE), Internet-of-Things (IoT) and apply them to new applications and evaluate the likely suitability/success of approach.
- explain how Common Criteria may affect smart card design/development, analyse the different approaches and compare with less formal methods.
- identify and describe the classes of attack and notable methods within each class, analyse countermeasures and evaluate practicality of attacks.
- identify, compare and evaluate different methods of developing applications for smart cards, and understand the development cycle and the use of practical tools for different technologies like Java Card, Multos, etc.
- analyse the issues concerning smart card lifestyle management, and evaluate and compare methods of local and remote card management.
- analyse the differences and similarities of the main multi-application smart card platforms and operating systems.
This module is assessed by a two-hour unseen written examination.
- Smart Cards, Tokens, Security and Applications (K.Mayes, K.Markantonakis) Springer, Science & Business Media-2008