Skip to main content

Research Repository

Advanced Search

A privacy preserving application acquisition protocol.

Akram, Raja Naeem; Markantonakis, Konstantinos; Mayes, Keith


Raja Naeem Akram

Konstantinos Markantonakis

Keith Mayes


Geyong Min

Felix Marmol


In the smart card industry, the application acquisition process involves the card issuers and application providers. During this process, the respective card issuer reveals the identity of the smart card user to the individual application providers. In certain application scenarios it might be necessary (e.g. banking and identity applications). However, with introduction of the Trusted Service Manager (TSM) architecture there might be valid cases where revealing the card user's identity is not necessary. At the moment, the secure channel protocols for traditional smart card architecture including the TSM does not preserve the privacy of the card users. In this paper, we propose a secure and trusted channel protocol that provide such feature along with satisfying the requirements of an open and dynamic environment referred as User Centric Smart Card Ownership Model (UCOM). A comparison is provided between the proposed protocol and selected smart card protocols. In addition, we provide an informal analysis along with mechanical formal analysis using CasperFDR. Finally, we provide the test implementation and performance results.

Start Date Jun 25, 2012
End Date Jun 27, 2012
Publication Date 2012
Deposit Date May 29, 2012
Peer Reviewed Peer Reviewed
Pages 383-392
Book Title 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-12)
ISBN 978-0-7695-4745-9
Keywords User Centric Smart Card Ownership Model; Application Installation Protocol; Privacy Preservation; SmartCards; CasperFDR;
Public URL
Publisher URL