Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

SmartTokens: Delegable access control with NFC-enabled smartphones

: Dmitrienko, A.; Sadeghi, A.-R.; Tamrakar, S.; Wachsmann, C.


Katzenbeisser, S. (Hrsg.):
Trust and trustworthy computing. Proceedings : 5th international conference, TRUST 2012. Vienna, Austria, June 13 - 15, 2012
Heidelberg: Springer, 2012 (Lecture Notes in Computer Science 7344)
ISBN: 3-642-30920-8
ISBN: 978-3-642-30920-5
ISBN: 978-3-642-30921-2
International Conference on Trust and Trustworthy Computing (TRUST) <5, 2012, Wien>
Fraunhofer SIT ()

Today's smartphones and tablets offer compelling computing and storage capabilities enabling a variety of mobile applications with rich functionality. The integration of new interfaces, in particular near field communication (NFC) opens new opportunities for new applications and business models, as the most recent trend in industry for payment and ticketing shows. These applications require storing and processing security-critical data on smartphones, making them attractive targets for a variety of attacks. The state of the art to enhance platform security concerns outsourcing security-critical computations to hardware-isolated Trusted Execution Environments (TrEE). However, since these TrEEs are used by software running in commodity operating systems, malware could impersonate the software and use the TrEE in an unintended way. Further, existing NFC-based access control solutions for smartphones are either not public or based on strong assumptions that are hard to achi eve in practice. We present the design and implementation of a generic access control system for NFC-enabled smartphones based on a multi-level security architecture for smartphones. Our solution allows users to delegate their access rights and addresses the bandwidth constraints of NFC. Our prototype captures electronic access to facilities, such as entrances and offices, and binds NFC operations to a software-isolated TrEE established on the widely used Android smartphone operating system. We provide a formal security analysis of our protocols and evaluate the performance of our solution.