The control of the application choice is delegated to the smart card users in the User Centric Smart Card Ownership Model (UCOM). There is no centralised authority that controls the card environment, and it is di cult to have implicit trust on applications installed on a smart card. The application sharing mechanism in smart cards facilitates corroborative and interrelated applications to co-ex...

Conventional smart card-based authentication systems used in health care alleviate some of the security issues in user and system authentication. Existing models still do not cover all security aspects. To enable new protective measures to be developed, an extended model of the authentication process is presented. This model includes a new entity referred to as secure server. Assuming a secure ...

The combined benefits of smart card to support mobility in a pocket coupled with the ubiquitous access of Web technology, present a new paradigm for medical information access systems. The paper describes the framework of Java Card Web Servlet (JCWS) that is being developed to provide seamless access interface between a Web browser and a Java-enabled smart card. Importantly, the smart card is v...

Recently, Yoon et al. proposed a new smart card based remote user authentication scheme. We show that this scheme is subject to forgery attacks if the information stored in the smart card is stolen. This violates the “twofactor security” objective of the smart card based remote user authentication schemes. We propose an amendment to this problem. We further propose two new schemes which are mor...

Using test to validate conformance of Java Card applications needs to take into account objectoriented specificity of the model and the implementation. In this article, we propose a method which integrates test hypotheses in order to build a UML model of Java Card applications. For each hypothesis, we describe how we can use it in order to obtain a model which is test oriented, and as most as p...

Java Card are devices subject to either hardware and software attacks. Thus several countermeasures need to be embedded to avoid the effects of these attacks. Recently, the idea to combine logical attacks with a physical attack to bypass bytecode verification has emerged. For instance, correct and legitimate Java Card applications can be dynamically modified on-card using laser beam. Such appli...

Digitization is the process of converting information into a digital format. The economy that is based on digital computing technologies is known as Digital Economy. The digital economy is also sometimes called the Internet Economy or Web Economy. Right now, in most of the countries, inside the people’s wallet, they probably have a couple of credit cards, an identification card, automatic telle...

This document describes an industrial application of the B method in smart card applications. In smart card memory, data modification may be interrupted due to a card withdrawal or a power loss. The EEPROM memory may result in an unstable state and the values subsequently read may be erroneous. The transaction mechanism provides a secure means for modifying data located in the EEPROM. As the se...

The User Centric Smart Card Ownership Model (UCOM) provides an open and dynamic smart card environment enabling cardholders to request installation/deletion of an application to which they are entitled. As in this model, smart cards are not under the control of a centralised authority; hence, it is di cult for an application provider to ascertain their trustworthiness. At present, proposed secu...

Near Field Communication (NFC) has reinvigorated the multiapplication smart card initiative. The NFC trials are relying on an extension of Issuer Centric Smart Card Model (ICOM) referred as Trusted Service Manager (TSM) architecture, which may create market segregation. Where the User Centric Smart Card Ownership Model (UCOM) takes an opposite approach of delegating the smart card ownership to ...