Zvýšení bezpečnosti běhu softwarových aplikací pomocí kryptografické čipové karty
| Title in English | Improving software application security using cryptographic smartcard |
|---|---|
| Authors | |
| Year of publication | 2004 |
| Type | Article in Proceedings |
| Conference | Sbornik Europen XXV |
| MU Faculty or unit | |
| Citation | |
| Web | http://www.fi.muni.cz/~xsvenda/docs/SecureFW_europen2004.pdf |
| Field | Informatics |
| Keywords | smartcard; software agent; JavaCard; cryptographic protocol; |
| Description | Software applications executed in current common PC environments are not protected before skilled attackers able to use debuggers or disassemblers. We describe practical implemented system (SecureFW) to improving security of software application (e.g. software agent) using programmable cryptographic smartcards with support for JavaCard, combined with methods of a mobile cryptography. SecureFW framework provides background to shift sensitive code and data of software agent into physical secured environment of smartcard. Allows controlled usage restricted by rules, which can be remotely defined using XML commands. Special implementation of authentication and data exchange protocol for controlled usage is designed, which provides protection to authentization information on software agent's side and improves integrity protection of software agent execution. WhiteBox attack resistant implementation of AES algorithm is employed and some new additions are proposed to enabling cohesion with software agent code in a manner of mobile cryptography. Possible usages as a ground for Digital Rights Managment architecture and enchancing protection of signing key against malware is described. |
| Related projects: |