Your SlideShare is downloading. ×
0
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
U Card - Digibiz'09
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

U Card - Digibiz'09

593

Published on

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
593
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Krishan Sabaragamu Koralalage and Noriaki Yoshiura Department of Information and Computer Sciences, Saitama University
    • A Novel Privacy Friendly Radio Frequency Tag Architecture for Universal Loyalty Card
    uCard Thursday, June 18 th 2009 Presenter: Prof. Noriaki Yoshiura
  • 2. How many cards do we have ? Loyalty Cards Hospital Cards Access Cards Cash Cards Credit Cards Travel Cards Library Cards …… ..etc.
  • 3. What cards are used for ?
    • Cards are used
    • to profile users and
    • to locate the built profile faster
    • for providing expected services or goods
    • while updating new transactions.
    • Only a unique number is stored in the card to do such things.
    • What is uCard ?
  • 4. Tuesday, September 15, 2009
  • 5. Actors of uCard
  • 6. Forms of uCard Internet Shopping
  • 7. uCard Concept oName = Object Name Public Attribute Names and Values Private Attribute Names and Values Methods to Get and Set Attribute/Value oName = uCard A- StorePointCD=A12331f B- StoreID=BBB123ws523 ………… . S-eCashID=ee242wrw423 D-BusTcktID=234oiss3423 …………… getValue(AttributeName) setValue(AttribName, Value)
  • 8.
  • 9.
  • 10. Interactions of uCard Communication Cards (Prepaid Phone, etc.) Banking Cards Retail Cards (Loyalty, Point, etc.) Health Cards (Hospitals, Pharmacy, etc.) Membership Cards (Library, Sports Club, etc.) Government Cards Transport Cards ( Bus Card, Train Card, etc.) Entertainment Cards Electronic Cash Cards ( Toll Collection, etc.) Access Cards Communicate Tag uCard External Readers
  • 11.
  • 12. Abbreviations
    • SP –Service Provider
    • U.Pwd – User Password
    • SP.Pwd – Service Provider Password
    • PIN – User Personal Identification
    • Master PIN – Master Secret Number
  • 13. Producing Fresh Cards
    • Only the Sequence Number , Anonymous ID , Processing data and dummy values for password and 3 PINs are available
    1
  • 14. Schematic Structure of uCard Entity U-Used N-Not Used L-Locked A-Public Entity B-Private Entity
  • 15.
  • 16. Issuing uCard
    • User enters Password , PIN1 , PIN2
    • Card Center enters Master PIN
    Store Store User inputs his/her own secrets 2
  • 17. Update of Password, User PIN1, User PIN2 and Master PIN uCard When Receiving a New Card oName=?, anonymousID=? oName=“uCard” and anonymousID=“1123sdf4323s6R” Ins= 00 , U. Pwd =“ S234GH ”, OldValue=“ 430111 ”, NewValue =“ QW28P3 ” Response= NewValue/Fail Interrogator If Ins=00 NewValue = new master PIN to be updated If Ins=11 NewValue = new user password to be updated If Ins=10 NewValue = new PIN1 to be updated If Ins=01 NewValue = new PIN2 to be updated 2
  • 18. Stopping a Card Temporarily
    • Lost card can be re-used if temporarily stopped with the permission of card center
    • But to use them Card Center must issue the approval
    Acknowledgement of lost card Card holder Verification Inform All the Service Providers Stop the Card Temporarily 3
  • 19. Destroying a Card Permanently
    • When acknowledged
      • Broken Card,
      • Permanently Corrupted Card,
      • Replace Request by card owner
        • Lost and Not Found
        • Need New Card
    • What does Card Center do ?
      • Delete old or unused card record
      • Request all the SPs to remove the same record.
    4
  • 20. Recovering Corrupted/Lost-found Card
    • Corrupted cards?
      • Cards that are dent, torn, etc .
      • Cards that can not be recognized by Reader/Writer
      • Cards with corrupted entity
    • Lost-found Cards
      • Cards that are stopped temporarily or permanently
    • Who/Where
      • Card must be presented to the Card Center
      • Card owner must be validated
    5
  • 21. Recovering Locked Cards 6
  • 22. uCard oName=?, anonymousID=? oName=“uCard” and anonymousID=“1123sdf4323s6R” U.Pwd =“ S234GH ”, MasterPIN=“ QW28P3 ”, Reset PIN1 and PIN2 Response= Success/Fail Interrogator When Card get Locked Recovering Locked Cards 6
  • 23. Subscribing Services of SP
    • Need to insert an entity to uCard
    • An entity comprises of
        • Sequence Number (Seq.No)
        • SP’s Password (SP.Pwd)
        • SP’s Name (SP.Name)
        • SP’s Code (SP.Code)
        • Occupancy Status
        • Access Privilege
    • Uniqueness of an Entity
        • Seq.No
        • Sp.Pwd
        • SP.Name
    Composite Unique Key of an Entity 8
  • 24. Inserting an Entity uCard When Subscribing a Service offered by SP oName=?, anonymousID=? oName=“uCard” and anonymousID=“1123sdf4323s6R” Ins= 111 , Seq.No=?, SP.Pwd=“ 56f67ho ”, SP.Name=“ JUSCO ”, SP.Code=“ Dt64GH ” Response= Seq.No/Fail Interrogator Ins=111 SP.Pwd, SP.Name, SP.Code will be written to the uCard 8
  • 25. Update of SP.Pwd, SP.Name and SP. Code uCard oName=?, anonymousID=? oName=“uCard” and anonymousID=“1123sdf4323s6R” Ins= 100 , Seq.No, SP.Pwd=“ 56f67ho ”, SP.Name, SP.Code Response= Seq.No/Fail Interrogator If Ins=100 SP.Pwd will be updated If Ins=010 SP.Name will be updated If Ins=010 SP.Code will be updated When Changing SP’s Fields Individually 9
  • 26. Unsubscribing Services of SP
    • When user decided to unsubscribe servicers of a SP,
      • Delete the relevant subscription entity record from uCard
    • How
      • Select the available subscriptions of the card
      • Select an entity to be deleted
      • Pass delete request to card
    • Must use trusted Interrogator
    • PIN2 is used to release an entity
    10
  • 27. Unsubscribing Services of SP uCard oName=?, anonymousID=? oName=“uCard” and anonymousID=“1123sdf4323s6R” Response= Success/Fail Interrogator Ins= 0 , Seq.No, SP. Name, U.Pwd, PIN2 Select List of (Seq.No?, SP.Name?, O.Status?), U.Pwd, PIN2 Display List of Seq.Nos, SP.Names and O.Statuses Deleting an entity of a SP If Ins=0 selected entity will be deleted If Ins=1 selected entity will be enabled 10
  • 28. Changing Subscription from SP1 to SP2
    • To change subscription from one SP to another SP,
      • First old entity must be deleted
      • Then new entity can be written
    11
  • 29. uCard Reading Subscription of SP oName=?, anonymousID=? oName=“uCard” and anonymousID=“1123sdf4323s6R” Seq.No, SP.Pwd, SP.Name, SP.Code? SP.Code =“ B1234235 ” Interrogator Using Subscribed Services of SP 12
  • 30. Encrypted Reading of SP.Code uCard oName=?, anonymousID=? oName=“uCard” and anonymousID=“1123sdf4323s6R” ID T { ID T, N T , Seq.No, SP.Pwd, SP.Name, SP.Code? } K PRV ID I {ID I ,N I , SP.Code =“ B1234235 ” } K PRV Interrogator Initial {Initial, N I , ID I , ID T } K PRV ID I { ID I , N I , N T } K PRV When providing services of SP Using Subscribed Services of SP 12
  • 31. Recovering a Locked Entity
    • An Entity get locked, when wrong SP.Pwd entered 3 times consecutively
    • Occupancy status becomes “L”
    • Recovering an entity is possible with PIN2
    • This can be carried out by the card holder
    13
  • 32. What is different from existing cards
    • All in one card
    • Simple
    • Independent – No specific vendor
    • Not Integrated
    • Enhanced Privacy and Security
    • All rights are with card holder
    • Can subscribe/ unsubscribe
    • Can restore previous records
    • Can use from non-secure to high secure transactions
  • 33. Concluding Remarks
    • Though there are several existing, proposed, and patented solutions to this problem,
      • No one has come up with
        • Independent
        • User controllable
        • Privacy enhanced Solution like uCard
    • We are working on uCard in mobile phones which will ultimately
      • Eliminate the necessity of carrying and holding a bulky wallet
      • Allow customers to enjoy rich experience in future
  • 34. Thank you. Q & A
  • 35.
  • 36. Sequence 2Bits Service Providers' Code (16 Bits) 2 Digits&4 Characters Nonce Generator, Encryption and Decryption Module, Processing Module and Hard coded Value "Initial" User Password, PIN1 and AnonymousID (random unique number) Occupancy Status 2Bits Access Privilege 2Bits Service Providers' Code 40 Bits (Fragment of Code) Service Providers' 32Bits Attribute Name Master PIN and User PIN2
  • 37. Possible Attributes of an Entity (2/2)
  • 38. Encrypted Communications
  • 39. Encrypted Update of Master PIN, User PIN1, User PIN2 and User Password uCard oName=?, anonymousID=? oName=“uCard” and anonymousID=“1123sdf4323s6R” ID T { ID T, N T , Ins= 00 , U. Pwd =“ S234GH ”, OldValue =“ 430111 ”, NewValue =“ QW28P3 ” ”} K PRV ID I {N I , ID I , Response= NewValue/Fail } K PRV Interrogator Initial {Initial, N I , ID I , ID T } K PRV ID I { ID I , N I , N T } K PRV Ins(Instruction)=00 NewValue contains new master PIN to be updated ID T { ID T, N T , Ins= 11 , U. Pwd =“ S234GH ”, OldValue=“ S234GH ”, NewValue =“ ABC128 ”} K PRV ID T { ID T, N T , Ins= 10 , U. Pwd =“ S234GH ”, OldValue=“ 4301 ”, NewValue =“ 2324 ” } K PRV ID T { ID T, N T , Ins= 10 , U. Pwd =“ S234GH ”, OldValue=“ 1601 ”, NewValue =“ 1624 ” } K PRV Ins(Instruction)=11 NewValue contains new user password to be updated Ins(Instruction)=10 NewValue contains new PIN1 to be updated Ins(Instruction)=01 NewValue contains new PIN2 to be updated 2
  • 40. Encrypted Card Release uCard oName=?, anonymousID=? oName=“uCard” and anonymousID=“1123sdf4323s6R” ID T { ID T, N T , U. Pwd =“ S234GH ”, MasterPIN=“ QW28P3 ”, Reset PIN1 and PIN2 } K PRV ID I {N I , ID I , Response= Success/Fail } K PRV Interrogator Initial {Initial, N I , ID I , ID T } K PRV ID I { ID I , N I , N T } K PRV When Registering/Changing Recovering Locked Cards 6
  • 41. uCard oName=?, anonymousID=? oName=“uCard” and anonymousID=“1123sdf4323s6R” ID T { ID T, N T , Ins= 111 , Seq.No=?, SP.Code=“ f67ho7 ”, SP.Name=“ JUSCO ”, SP.Code=“ Dt64sE88 ”} K PRV ID I {N I , ID I , Response= Seq.No/Fail } K PRV Interrogator Initial {Initial, N I , ID I , ID T } K PRV ID I { ID I , N I , N T } K PRV Encrypted Writing Attributes of an Entity When Subscribing a Service offered by SP Ins(Instruction)=111 SP.Pwd, SP.Name, SP.Code will be written to the uCard 8
  • 42. uCard oName=?, anonymousID=? oName=“uCard” and anonymousID=“1123sdf4323s6R” ID I { N I , ID I , Response= Seq.No/Fail } K PRV Interrogator Initial {Initial, N I , ID I , ID T } K PRV ID I { ID I , N I , N T } K PRV Encrypted Update of SP.Pwd, SP.Name and SP.Code When Changing SP’s Password, Name and Code Ins(Instruction)=100 SP.Pwd , SP.Name, SP.Code will be written to the uCard Ins(Instruction)=010 SP.Pwd, SP.Name , SP.Code will be written to the uCard ID T { ID T, N T , Ins= 100 , Seq.No, SP.Pwd=“ 56f67ho ”, SP.Name, SP.Code} K PRV ID T { ID T, N T , Ins= 010 , Seq.No, SP.Pwd, SP.Name=“ JUSCO ”, SP.Code} K PRV Ins(Instruction)=010 SP.Pwd, SP.Name, SP.Code will be written to the uCard ID T { ID T, N T , Ins= 001 , Seq.No, SP.Pwd, SP.Name, SP.Code=“ Dt64GH } K PRV 9
  • 43. Unsubscribing Services of SP uCard oName=?, anonymousID=? oName=“uCard” and anonymousID=“1123sdf4323s6R” ID I {ID I, N I , Response= Success/Fail } K PRV Interrogator ID T { ID T, N T , Ins= 0 , Seq.No, SP. Name, U.Pwd, PIN2 } K PRV ID T { ID T, N T , Select List of (Seq.No?, SP.Name?, O.Status?), U.Pwd, PIN2 } K PRV ID I {ID I , N I , Display List of Seq.Nos, SP.Names and O.Statuses } K PRV Initial {Initial, N I , ID I , ID T } K PRV ID I { ID I , N I , N T } K PRV Encrypted Deleting of an Entity Ins(Instruction)=0 selected entity will be deleted 10
  • 44. Encrypted Enabling of an Entity uCard Interrogator When a subscription entity get locked Ins(Instruction)=1 selected entity will be enabled Recovering a Locked Entity oName=?, anonymousID=? oName=“uCard” and anonymousID=“1123sdf4323s6R” ID I {N I , ID I , Response= Success/Fail } K PRV ID T { ID T, N T , Ins= 1 , Seq.No, SP. Name, U.Pwd, PIN2 } K PRV ID T { ID T, N T , Select List of (Seq.No?, SP.Name?, O.Status?), U.Pwd, PIN2 } K PRV ID I {ID I , N I , Display List of Seq.Nos, SP.Names and O.Statuses } K PRV Initial {Initial, N I , ID I , ID T } K PRV ID I { ID I , N I , N T } K PRV 13

×