Talks and Poster Presentations (with Proceedings-Entry):
G. Starnberger, L. Froihofer, K. Göschka:
"A Generic Proxy for Secure Smart Card-Enabled Web Applications";
Talk: 10th International Conference on Web Engineering , ICWE 2010,
Vienna, Austria;
2010-07-05
- 2010-07-09; in: "Web Engineering Proceedings of the 10th International Conference, ICWE 2010",
B. Benatallah, F. Casati, G. Kappel, G. Rossi (ed.);
Springer,
LNCS 6189
(2010),
ISBN: 978-3-642-13910-9;
370
- 384.
English abstract:
Smart cards are commonly used for tasks with high security
requirements such as digital signatures or online banking. However, systems
thatWeb-enable smart cards often reduce the security and usability
characteristics of the original application, e.g., by forcing users to execute
privileged code on the local terminal (computer) or by insufficient
protection against malware. In this paper we contribute with techniques
to generally Web-enable smart cards and to address the risks of malicious
attacks. In particular, our contributions are: (i) A single generic proxy to
allow a multitude of authorized Web applications to communicate with
existing smart cards and (ii) two security extensions to mitigate the effects
of malware. Overall, we can mitigate the security risks ofWeb-based
smart card transactions and-at the same time-increase the usability
for users.
Keywords:
Smart cards, Web applications, Digital signatures, Security.
Related Projects:
Project Head Karl Michael Göschka:
TRADE
Created from the Publication Database of the Vienna University of Technology.