Using the Smart Card Web Server to Enhance the Security of Web Applications and the Web of Things. / Kyrillidis, Lazaros.

2018.

Research output: ThesisDoctoral Thesis

Published

Standard

Harvard

APA

Vancouver

Author

BibTeX

@phdthesis{2c2a19bf05294e39a4b23c98a07f8fb8,
title = "Using the Smart Card Web Server to Enhance the Security of Web Applications and the Web of Things",
abstract = "The invention of the World Wide Web (Web) has changed forever the way society op-erates. Communication, shopping, entertainment, have all transformed and nowadaysa large part of humanity depends on the Web for a number of everyday tasks.In recent years, a new technology appeared. It is called the Internet of Things (IoT)and assumes the participation in a worldwide network of any device, despite its size,functionality or purpose. Both the Web and the IoT face a number of security concerns.The security of the Web is undermined by threats that aim at disrupting its normaloperation, while for the IoT it is the use of proprietary protocols that weaken the inter-operability between individual devices and the ease of tampering reduces its usefulness.Fortunately, the industry has knowledge and experience in developing a strong, tamperresistant device, the smart card. Smart cards are ubiquitous and strengthen a numberof functions (payments, mobile telephony) and are the most secure token in mass pro-duction. Moreover, in recent years their interconnection capabilities have been furtherenhanced and this enhancement made available the hosting of the Smart Card WebServer (SCWS). The SCWS is a small web server running inside the smart/SIM card.In this thesis we describe research that by using smart cards and the SCWS, overstandardised protocols, we can enjoy tamper resistant solutions and enhanced securityfor the Web. In the same context, we consider a subcategory of the IoT, the Web ofThings (WoT), that is using web-enabled protocols for the IoT and enhance its secu-rity by means of the combination of smart cards with the SCWS. The feasibility of thesolution is depicted through four use cases, for which architecture and protocols are de-scribed and the necessary security analysis is conducted. Future work can demonstratein practice that the SCWS with smart cards can enhance the security of the Web andthe WoT.",
keywords = "SCWS, Smart Card, Smart Card Web Server, Internet of Things, IoT, Web of Things, WoT",
author = "Lazaros Kyrillidis",
year = "2018",
language = "English",
school = "Royal Holloway, University of London",

}

RIS

TY - THES

T1 - Using the Smart Card Web Server to Enhance the Security of Web Applications and the Web of Things

AU - Kyrillidis, Lazaros

PY - 2018

Y1 - 2018

N2 - The invention of the World Wide Web (Web) has changed forever the way society op-erates. Communication, shopping, entertainment, have all transformed and nowadaysa large part of humanity depends on the Web for a number of everyday tasks.In recent years, a new technology appeared. It is called the Internet of Things (IoT)and assumes the participation in a worldwide network of any device, despite its size,functionality or purpose. Both the Web and the IoT face a number of security concerns.The security of the Web is undermined by threats that aim at disrupting its normaloperation, while for the IoT it is the use of proprietary protocols that weaken the inter-operability between individual devices and the ease of tampering reduces its usefulness.Fortunately, the industry has knowledge and experience in developing a strong, tamperresistant device, the smart card. Smart cards are ubiquitous and strengthen a numberof functions (payments, mobile telephony) and are the most secure token in mass pro-duction. Moreover, in recent years their interconnection capabilities have been furtherenhanced and this enhancement made available the hosting of the Smart Card WebServer (SCWS). The SCWS is a small web server running inside the smart/SIM card.In this thesis we describe research that by using smart cards and the SCWS, overstandardised protocols, we can enjoy tamper resistant solutions and enhanced securityfor the Web. In the same context, we consider a subcategory of the IoT, the Web ofThings (WoT), that is using web-enabled protocols for the IoT and enhance its secu-rity by means of the combination of smart cards with the SCWS. The feasibility of thesolution is depicted through four use cases, for which architecture and protocols are de-scribed and the necessary security analysis is conducted. Future work can demonstratein practice that the SCWS with smart cards can enhance the security of the Web andthe WoT.

AB - The invention of the World Wide Web (Web) has changed forever the way society op-erates. Communication, shopping, entertainment, have all transformed and nowadaysa large part of humanity depends on the Web for a number of everyday tasks.In recent years, a new technology appeared. It is called the Internet of Things (IoT)and assumes the participation in a worldwide network of any device, despite its size,functionality or purpose. Both the Web and the IoT face a number of security concerns.The security of the Web is undermined by threats that aim at disrupting its normaloperation, while for the IoT it is the use of proprietary protocols that weaken the inter-operability between individual devices and the ease of tampering reduces its usefulness.Fortunately, the industry has knowledge and experience in developing a strong, tamperresistant device, the smart card. Smart cards are ubiquitous and strengthen a numberof functions (payments, mobile telephony) and are the most secure token in mass pro-duction. Moreover, in recent years their interconnection capabilities have been furtherenhanced and this enhancement made available the hosting of the Smart Card WebServer (SCWS). The SCWS is a small web server running inside the smart/SIM card.In this thesis we describe research that by using smart cards and the SCWS, overstandardised protocols, we can enjoy tamper resistant solutions and enhanced securityfor the Web. In the same context, we consider a subcategory of the IoT, the Web ofThings (WoT), that is using web-enabled protocols for the IoT and enhance its secu-rity by means of the combination of smart cards with the SCWS. The feasibility of thesolution is depicted through four use cases, for which architecture and protocols are de-scribed and the necessary security analysis is conducted. Future work can demonstratein practice that the SCWS with smart cards can enhance the security of the Web andthe WoT.

KW - SCWS

KW - Smart Card

KW - Smart Card Web Server

KW - Internet of Things

KW - IoT

KW - Web of Things

KW - WoT

M3 - Doctoral Thesis

ER -