Title :
Communication Security between a Computer and a Hardware Token
Author :
Lu, H. Karen ; Ali, Asad
Author_Institution :
Technol. & Innovation, Gemalto, Inc, Austin, TX
Abstract :
Hardware security tokens are gradually gaining popularity as tools for strong online authentication and secure storage of personal information. The security services they offer protect online service providers as well as consumers. These tokens are small embedded systems that typically have little or no human interface themselves. They work with software on the host computer for human interface and for interaction with programs on the computer or over the Internet. Since these security tokens typically provide cryptographic services and secure storage, the security of communication between the token and the host computer is a critical piece of the overall security framework. The design of this piece is a challenging task. It requires solving multiple problems, such as ensuring that the hardware token only talks with a legitimate host application; exchanging encryption keys; and minimizing the impact on communication performance. This paper presents our solutions to these problems. These solutions are applicable in a variety of hardware security tokens.
Keywords :
authorisation; cryptography; embedded systems; telecommunication security; communication security; embedded systems; encryption keys; hardware security tokens; online service providers; personal information; secure storage; security services; strong online authentication; Authentication; Communication system security; Computer interfaces; Computer security; Cryptography; Hardware; Humans; Information security; Protection; Secure storage; Embedded system; communication security; hardware security token; security and protection system; smart card;
Conference_Titel :
Systems, 2008. ICONS 08. Third International Conference on
Conference_Location :
Cancun
Print_ISBN :
978-0-7695-3105-2
Electronic_ISBN :
978-0-7695-3105-2
DOI :
10.1109/ICONS.2008.36
