SlideShare a Scribd company logo

Key2Share: NFC-enabled Smartphone-based Access Control

Heinrich Seeger
Heinrich Seeger

Key2Share is a system that allows smartphones to be used for access control via Near Field Communication (NFC). It issues digital keys that are represented as QR codes and can be shared remotely. This provides flexible access control with options for easy key delegation, remote revocation of access, and management of access rights. A proof of concept has been developed with Bosch Security Systems to integrate Key2Share into their existing access control infrastructure. The system aims to provide secure access control via smartphones while balancing security and compatibility with mobile devices.

Technology
1 of 22
Download to read offline
Key2Share: NFC-enabled Smartphone-based Access Control Alexandra Dmitrienko Cyberphysical Mobile Systems Security Group Fraunhofer SIT, Darmstadt In collaboration with TU Darmstadt, Center for Advanced Security Research in Darmstadt (CASED), Intel Collaborative Research Institute for Secure Computing (ICRI-SC) at TU-Darmstadt, Bosch Security Systems
Near Field Communication (NFC) Applications + NFC = services in one touch mPayments mTicketing
Why not Using a Smartphone as a Key? + NFC =
Smartphone as a Door Key  Access control by enterprises to their facilities  Access control in private sector (houses, garages) 4
Smartphone as a Door Key  Access to hotel rooms 5
Smartphone as a Car Key/Immobilizer  Fleet management by enterprises  Car sharing with family members or friends 6
Smartphone as a Car Key/Immobilizer  Car sharing by rental/car sharing companies 7
Smartphone for Access to Storage Facilities  Access to safes in hotel rooms  Lockers in luggage storage at train stations/airports DHL packing stations 8
Smartphone for Access to Storage Facilities  DHL packstations 9
Smartphone for Access to Facilities  E.g., parking houses 10
Usual Keys vs. SmartCards vs. Key2Share Usual Keys SmartCards Key2Share Distribution Requires physical Requires physical Remote access access Revocation Requires physical Remote Remote access or replacement of the lock Delegation Not possible Not possible Possible Context-aware Not possible Possible Possible access (e.g., time frame) 11
Key2Share: System Architecture Issuer 1. Employ the employee/sell the car Users Key2Share 2. One-time registration web-service 3. Electronic key issued 5. Share key 4. User Authentication with the issued key 6. User Authentication with the shared key Resources Delegated users 12
Key Sharing  The key to be shared is represented as a QR-code  Can be sent to the recipient per e-mail, MMS or scanned by a camera of another device
QR Code: What’s Inside?  Electronic keys of Key2Share are similar to passports Issued by a central authority Government Enterprise Issued for a particular entity Citizen Employee Public (not a secret) Yes Yes (encrypted) Has binding to an identity of Cryptographic key Photo an entity it is issued for bound to the platform 14
Key2Share Security Platform Security Secure communication protocols 15
Protocol Security Well-established cryptographic primitives (AES, SHA-1, RSA) Formal security proof of the protocols Formal tool-aided verification of protocols 16
Platform Security  Different trade-offs between security and requirements to a mobile device Less secure More secure Built-in Security System level software-based Hardware-based Mechanisms of Mobile OS security extensions security extensions No extra requirements to Requires update of system Requires support in mobile hardware and software (e.g., OS) hardware. Available system software (e.g., only on some operating system) mobile platforms 17
Platform Security Software-based security Hardware-based security extensions extensions  provided by BizzTrust  Require support in hardware architecture  e.g., Giesecke & Devrient Mobile Security Card http://www.gd-  http://www.bizztrust.de/ sfs.com/the-mobile-security- card/  Can be attached to the device via microSD card slot 18
Supported Platforms  Android NFC-enabled platforms (e.g., Samsung Nexus S, Galaxy S3) 19
Summary Flexible access rights:  policy-based  easy delegation  remote revocation  managable
Current Work Proof of Concept with Bosch Security Systems:  Key2Share as Access Pass  Key2Share as Building Block in Bosch‘s „Access-Control-as-a-Service“  Compatibility with already deployed infrastructure (wireless readers, management software)
Thank you alexandra.dmitrienko@sit.fraunhofer.de 22

Recommended

Crowdshare, Secure Resource Sharing in Mobile Crowds
Crowdshare, Secure Resource Sharing in Mobile CrowdsCrowdshare, Secure Resource Sharing in Mobile Crowds
Crowdshare, Secure Resource Sharing in Mobile CrowdsHeinrich Seeger
 
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICESURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICEEditor IJMTER
 
38
3838
38ieeeprojectsvadapalani
 
www.ijerd.com
www.ijerd.comwww.ijerd.com
www.ijerd.comIJERD Editor
 
Network security dotnet
Network security dotnetNetwork security dotnet
Network security dotnetDhamu Mca
 
Dotnet tiltle for 2012 c
Dotnet tiltle for 2012 cDotnet tiltle for 2012 c
Dotnet tiltle for 2012 ctema_solution
 
575 579
575 579575 579
575 579Editor IJARCET
 
IRJET- Improved Identity-based Anonymous Broadcast Encryption with Chosen Cip...
IRJET- Improved Identity-based Anonymous Broadcast Encryption with Chosen Cip...IRJET- Improved Identity-based Anonymous Broadcast Encryption with Chosen Cip...
IRJET- Improved Identity-based Anonymous Broadcast Encryption with Chosen Cip...IRJET Journal
 

Recommended

Crowdshare, Secure Resource Sharing in Mobile Crowds
Crowdshare, Secure Resource Sharing in Mobile CrowdsCrowdshare, Secure Resource Sharing in Mobile Crowds
Crowdshare, Secure Resource Sharing in Mobile CrowdsHeinrich Seeger
 
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICESURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICEEditor IJMTER
 
38
3838
38ieeeprojectsvadapalani
 
www.ijerd.com
www.ijerd.comwww.ijerd.com
www.ijerd.comIJERD Editor
 
Network security dotnet
Network security dotnetNetwork security dotnet
Network security dotnetDhamu Mca
 
Dotnet tiltle for 2012 c
Dotnet tiltle for 2012 cDotnet tiltle for 2012 c
Dotnet tiltle for 2012 ctema_solution
 
575 579
575 579575 579
575 579Editor IJARCET
 
IRJET- Improved Identity-based Anonymous Broadcast Encryption with Chosen Cip...
IRJET- Improved Identity-based Anonymous Broadcast Encryption with Chosen Cip...IRJET- Improved Identity-based Anonymous Broadcast Encryption with Chosen Cip...
IRJET- Improved Identity-based Anonymous Broadcast Encryption with Chosen Cip...IRJET Journal
 
Access Control in Enterprises with Key2Share
Access Control in Enterprises with Key2ShareAccess Control in Enterprises with Key2Share
Access Control in Enterprises with Key2ShareFaheem Nadeem
 
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingSmart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingOKsystem
 
SmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketSmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketOKsystem
 
Single Sign-On for Mobile
Single Sign-On for MobileSingle Sign-On for Mobile
Single Sign-On for MobileCA API Management
 
Mobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantMobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantVladimir Jirasek
 
Securing online services by combining smart cards and web-based applications
Securing online services by combining smart cards and web-based applicationsSecuring online services by combining smart cards and web-based applications
Securing online services by combining smart cards and web-based applicationsOlivier Potonniée
 
Droidcon2013 key2 share_dmitrienko_fraunhofer
Droidcon2013 key2 share_dmitrienko_fraunhoferDroidcon2013 key2 share_dmitrienko_fraunhofer
Droidcon2013 key2 share_dmitrienko_fraunhoferDroidcon Berlin
 
ASFWS 2011 - Secure software development for mobile devices
ASFWS 2011 - Secure software development for mobile devicesASFWS 2011 - Secure software development for mobile devices
ASFWS 2011 - Secure software development for mobile devicesCyber Security Alliance
 
Webinar on Enterprise Security & android
Webinar on Enterprise Security & androidWebinar on Enterprise Security & android
Webinar on Enterprise Security & androidEndeavour Software Technologies
 
Beam datasheet final 7 28-12
Beam datasheet final 7 28-12Beam datasheet final 7 28-12
Beam datasheet final 7 28-12Bitzer Mobile, now part of Oracle
 
A wearable token system
A wearable token systemA wearable token system
A wearable token systemGanesh ReddyCse
 
Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads ...
Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads ...Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads ...
Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads ...IndicThreads
 
Samsung knox security_solution_v1_10_0
Samsung knox security_solution_v1_10_0Samsung knox security_solution_v1_10_0
Samsung knox security_solution_v1_10_0Javier Gonzalez
 
Securing the Smart Grid with SafeNet HSMs
Securing the Smart Grid with SafeNet HSMsSecuring the Smart Grid with SafeNet HSMs
Securing the Smart Grid with SafeNet HSMsSafeNet
 
Security and Mobile Application Management with Worklight
Security and Mobile Application Management with WorklightSecurity and Mobile Application Management with Worklight
Security and Mobile Application Management with WorklightIBM WebSphereIndia
 
Blockchain Defined Perimeter (BDP) - Experience the power of Software Defined...
Blockchain Defined Perimeter (BDP) - Experience the power of Software Defined...Blockchain Defined Perimeter (BDP) - Experience the power of Software Defined...
Blockchain Defined Perimeter (BDP) - Experience the power of Software Defined...Block Armour
 
Block Armour Blockchain Defined Perimeter Brochure
Block Armour Blockchain Defined Perimeter BrochureBlock Armour Blockchain Defined Perimeter Brochure
Block Armour Blockchain Defined Perimeter BrochureBlock Armour
 
Make the Smartcard great again
Make the Smartcard great againMake the Smartcard great again
Make the Smartcard great againEric Larcheveque
 
Rebooting the smartcard
Rebooting the smartcardRebooting the smartcard
Rebooting the smartcardEric Larcheveque
 
Public key authentication is the most secure colution and utilizes a.pdf
Public key authentication is the most secure colution and utilizes a.pdfPublic key authentication is the most secure colution and utilizes a.pdf
Public key authentication is the most secure colution and utilizes a.pdfmohammadirfan136964
 
Dennis hoppe droidcon_2014_slide_deck_screen
Dennis hoppe droidcon_2014_slide_deck_screenDennis hoppe droidcon_2014_slide_deck_screen
Dennis hoppe droidcon_2014_slide_deck_screenHeinrich Seeger
 
Hasan hosgel moosecon_2013_customers_choice fullsize
Hasan hosgel moosecon_2013_customers_choice fullsizeHasan hosgel moosecon_2013_customers_choice fullsize
Hasan hosgel moosecon_2013_customers_choice fullsizeHeinrich Seeger
 

More Related Content

Similar to Key2Share: NFC-enabled Smartphone-based Access Control

Access Control in Enterprises with Key2Share
Access Control in Enterprises with Key2ShareAccess Control in Enterprises with Key2Share
Access Control in Enterprises with Key2ShareFaheem Nadeem
 
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingSmart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingOKsystem
 
SmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketSmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketOKsystem
 
Mobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantMobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantVladimir Jirasek
 
Securing online services by combining smart cards and web-based applications
Securing online services by combining smart cards and web-based applicationsSecuring online services by combining smart cards and web-based applications
Securing online services by combining smart cards and web-based applicationsOlivier Potonniée
 
Droidcon2013 key2 share_dmitrienko_fraunhofer
Droidcon2013 key2 share_dmitrienko_fraunhoferDroidcon2013 key2 share_dmitrienko_fraunhofer
Droidcon2013 key2 share_dmitrienko_fraunhoferDroidcon Berlin
 
ASFWS 2011 - Secure software development for mobile devices
ASFWS 2011 - Secure software development for mobile devicesASFWS 2011 - Secure software development for mobile devices
ASFWS 2011 - Secure software development for mobile devicesCyber Security Alliance
 
Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads ...
Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads ...Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads ...
Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads ...IndicThreads
 
Samsung knox security_solution_v1_10_0
Samsung knox security_solution_v1_10_0Samsung knox security_solution_v1_10_0
Samsung knox security_solution_v1_10_0Javier Gonzalez
 
Securing the Smart Grid with SafeNet HSMs
Securing the Smart Grid with SafeNet HSMsSecuring the Smart Grid with SafeNet HSMs
Securing the Smart Grid with SafeNet HSMsSafeNet
 
Security and Mobile Application Management with Worklight
Security and Mobile Application Management with WorklightSecurity and Mobile Application Management with Worklight
Security and Mobile Application Management with WorklightIBM WebSphereIndia
 
Blockchain Defined Perimeter (BDP) - Experience the power of Software Defined...
Blockchain Defined Perimeter (BDP) - Experience the power of Software Defined...Blockchain Defined Perimeter (BDP) - Experience the power of Software Defined...
Blockchain Defined Perimeter (BDP) - Experience the power of Software Defined...Block Armour
 
Block Armour Blockchain Defined Perimeter Brochure
Block Armour Blockchain Defined Perimeter BrochureBlock Armour Blockchain Defined Perimeter Brochure
Block Armour Blockchain Defined Perimeter BrochureBlock Armour
 
Make the Smartcard great again
Make the Smartcard great againMake the Smartcard great again
Make the Smartcard great againEric Larcheveque
 
Public key authentication is the most secure colution and utilizes a.pdf
Public key authentication is the most secure colution and utilizes a.pdfPublic key authentication is the most secure colution and utilizes a.pdf
Public key authentication is the most secure colution and utilizes a.pdfmohammadirfan136964
 

Similar to Key2Share: NFC-enabled Smartphone-based Access Control (20)

Access Control in Enterprises with Key2Share
Access Control in Enterprises with Key2ShareAccess Control in Enterprises with Key2Share
Access Control in Enterprises with Key2Share
 
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingSmart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
 
SmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketSmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication market
 
Single Sign-On for Mobile
Single Sign-On for MobileSingle Sign-On for Mobile
Single Sign-On for Mobile
 
Mobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantMobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistant
 
Securing online services by combining smart cards and web-based applications
Securing online services by combining smart cards and web-based applicationsSecuring online services by combining smart cards and web-based applications
Securing online services by combining smart cards and web-based applications
 
Droidcon2013 key2 share_dmitrienko_fraunhofer
Droidcon2013 key2 share_dmitrienko_fraunhoferDroidcon2013 key2 share_dmitrienko_fraunhofer
Droidcon2013 key2 share_dmitrienko_fraunhofer
 
ASFWS 2011 - Secure software development for mobile devices
ASFWS 2011 - Secure software development for mobile devicesASFWS 2011 - Secure software development for mobile devices
ASFWS 2011 - Secure software development for mobile devices
 
Webinar on Enterprise Security & android
Webinar on Enterprise Security & androidWebinar on Enterprise Security & android
Webinar on Enterprise Security & android
 
Beam datasheet final 7 28-12
Beam datasheet final 7 28-12Beam datasheet final 7 28-12
Beam datasheet final 7 28-12
 
A wearable token system
A wearable token systemA wearable token system
A wearable token system
 
Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads ...
Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads ...Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads ...
Cloud security - The Cloud is as Secure as you want it to be! - Indicthreads ...
 
Samsung knox security_solution_v1_10_0
Samsung knox security_solution_v1_10_0Samsung knox security_solution_v1_10_0
Samsung knox security_solution_v1_10_0
 
Securing the Smart Grid with SafeNet HSMs
Securing the Smart Grid with SafeNet HSMsSecuring the Smart Grid with SafeNet HSMs
Securing the Smart Grid with SafeNet HSMs
 
Security and Mobile Application Management with Worklight
Security and Mobile Application Management with WorklightSecurity and Mobile Application Management with Worklight
Security and Mobile Application Management with Worklight
 
Blockchain Defined Perimeter (BDP) - Experience the power of Software Defined...
Blockchain Defined Perimeter (BDP) - Experience the power of Software Defined...Blockchain Defined Perimeter (BDP) - Experience the power of Software Defined...
Blockchain Defined Perimeter (BDP) - Experience the power of Software Defined...
 
Block Armour Blockchain Defined Perimeter Brochure
Block Armour Blockchain Defined Perimeter BrochureBlock Armour Blockchain Defined Perimeter Brochure
Block Armour Blockchain Defined Perimeter Brochure
 
Make the Smartcard great again
Make the Smartcard great againMake the Smartcard great again
Make the Smartcard great again
 
Rebooting the smartcard
Rebooting the smartcardRebooting the smartcard
Rebooting the smartcard
 
Public key authentication is the most secure colution and utilizes a.pdf
Public key authentication is the most secure colution and utilizes a.pdfPublic key authentication is the most secure colution and utilizes a.pdf
Public key authentication is the most secure colution and utilizes a.pdf
 

More from Heinrich Seeger

Dennis hoppe droidcon_2014_slide_deck_screen
Dennis hoppe droidcon_2014_slide_deck_screenDennis hoppe droidcon_2014_slide_deck_screen
Dennis hoppe droidcon_2014_slide_deck_screenHeinrich Seeger
 
Hasan hosgel moosecon_2013_customers_choice fullsize
Hasan hosgel moosecon_2013_customers_choice fullsizeHasan hosgel moosecon_2013_customers_choice fullsize
Hasan hosgel moosecon_2013_customers_choice fullsizeHeinrich Seeger
 
Moosecon rcs for developers
Moosecon rcs for developersMoosecon rcs for developers
Moosecon rcs for developersHeinrich Seeger
 
Mobile apps on the big screen
Mobile apps on the big screenMobile apps on the big screen
Mobile apps on the big screenHeinrich Seeger
 
Push notification generaltalk
Push notification generaltalkPush notification generaltalk
Push notification generaltalkHeinrich Seeger
 
Backendasaservice apiomat
Backendasaservice apiomatBackendasaservice apiomat
Backendasaservice apiomatHeinrich Seeger
 
Push notification technicaltalk
Push notification technicaltalkPush notification technicaltalk
Push notification technicaltalkHeinrich Seeger
 
Moosecon native apps_blackberry_10-optimized
Moosecon native apps_blackberry_10-optimizedMoosecon native apps_blackberry_10-optimized
Moosecon native apps_blackberry_10-optimizedHeinrich Seeger
 
Mooscon 2013 cebit - google integration in android apps (1)
Mooscon 2013 cebit - google integration in android apps (1)Mooscon 2013 cebit - google integration in android apps (1)
Mooscon 2013 cebit - google integration in android apps (1)Heinrich Seeger
 
Dev mobile apps ent it final
Dev mobile apps ent it finalDev mobile apps ent it final
Dev mobile apps ent it finalHeinrich Seeger
 

More from Heinrich Seeger (11)

Dennis hoppe droidcon_2014_slide_deck_screen
Dennis hoppe droidcon_2014_slide_deck_screenDennis hoppe droidcon_2014_slide_deck_screen
Dennis hoppe droidcon_2014_slide_deck_screen
 
Hasan hosgel moosecon_2013_customers_choice fullsize
Hasan hosgel moosecon_2013_customers_choice fullsizeHasan hosgel moosecon_2013_customers_choice fullsize
Hasan hosgel moosecon_2013_customers_choice fullsize
 
Moosecon rcs for developers
Moosecon rcs for developersMoosecon rcs for developers
Moosecon rcs for developers
 
Mobile apps on the big screen
Mobile apps on the big screenMobile apps on the big screen
Mobile apps on the big screen
 
Push notification generaltalk
Push notification generaltalkPush notification generaltalk
Push notification generaltalk
 
Backendasaservice apiomat
Backendasaservice apiomatBackendasaservice apiomat
Backendasaservice apiomat
 
Paypal
PaypalPaypal
Paypal
 
Push notification technicaltalk
Push notification technicaltalkPush notification technicaltalk
Push notification technicaltalk
 
Moosecon native apps_blackberry_10-optimized
Moosecon native apps_blackberry_10-optimizedMoosecon native apps_blackberry_10-optimized
Moosecon native apps_blackberry_10-optimized
 
Mooscon 2013 cebit - google integration in android apps (1)
Mooscon 2013 cebit - google integration in android apps (1)Mooscon 2013 cebit - google integration in android apps (1)
Mooscon 2013 cebit - google integration in android apps (1)
 
Dev mobile apps ent it final
Dev mobile apps ent it finalDev mobile apps ent it final
Dev mobile apps ent it final
 

Recently uploaded

Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 

Recently uploaded (20)

Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 

Key2Share: NFC-enabled Smartphone-based Access Control

  • 1. Key2Share: NFC-enabled Smartphone-based Access Control Alexandra Dmitrienko Cyberphysical Mobile Systems Security Group Fraunhofer SIT, Darmstadt In collaboration with TU Darmstadt, Center for Advanced Security Research in Darmstadt (CASED), Intel Collaborative Research Institute for Secure Computing (ICRI-SC) at TU-Darmstadt, Bosch Security Systems
  • 2. Near Field Communication (NFC) Applications + NFC = services in one touch mPayments mTicketing
  • 3. Why not Using a Smartphone as a Key? + NFC =
  • 4. Smartphone as a Door Key  Access control by enterprises to their facilities  Access control in private sector (houses, garages) 4
  • 5. Smartphone as a Door Key  Access to hotel rooms 5
  • 6. Smartphone as a Car Key/Immobilizer  Fleet management by enterprises  Car sharing with family members or friends 6
  • 7. Smartphone as a Car Key/Immobilizer  Car sharing by rental/car sharing companies 7
  • 8. Smartphone for Access to Storage Facilities  Access to safes in hotel rooms  Lockers in luggage storage at train stations/airports DHL packing stations 8
  • 9. Smartphone for Access to Storage Facilities  DHL packstations 9
  • 10. Smartphone for Access to Facilities  E.g., parking houses 10
  • 11. Usual Keys vs. SmartCards vs. Key2Share Usual Keys SmartCards Key2Share Distribution Requires physical Requires physical Remote access access Revocation Requires physical Remote Remote access or replacement of the lock Delegation Not possible Not possible Possible Context-aware Not possible Possible Possible access (e.g., time frame) 11
  • 12. Key2Share: System Architecture Issuer 1. Employ the employee/sell the car Users Key2Share 2. One-time registration web-service 3. Electronic key issued 5. Share key 4. User Authentication with the issued key 6. User Authentication with the shared key Resources Delegated users 12
  • 13. Key Sharing  The key to be shared is represented as a QR-code  Can be sent to the recipient per e-mail, MMS or scanned by a camera of another device
  • 14. QR Code: What’s Inside?  Electronic keys of Key2Share are similar to passports Issued by a central authority Government Enterprise Issued for a particular entity Citizen Employee Public (not a secret) Yes Yes (encrypted) Has binding to an identity of Cryptographic key Photo an entity it is issued for bound to the platform 14
  • 15. Key2Share Security Platform Security Secure communication protocols 15
  • 16. Protocol Security Well-established cryptographic primitives (AES, SHA-1, RSA) Formal security proof of the protocols Formal tool-aided verification of protocols 16
  • 17. Platform Security  Different trade-offs between security and requirements to a mobile device Less secure More secure Built-in Security System level software-based Hardware-based Mechanisms of Mobile OS security extensions security extensions No extra requirements to Requires update of system Requires support in mobile hardware and software (e.g., OS) hardware. Available system software (e.g., only on some operating system) mobile platforms 17
  • 18. Platform Security Software-based security Hardware-based security extensions extensions  provided by BizzTrust  Require support in hardware architecture  e.g., Giesecke & Devrient Mobile Security Card http://www.gd-  http://www.bizztrust.de/ sfs.com/the-mobile-security- card/  Can be attached to the device via microSD card slot 18
  • 19. Supported Platforms  Android NFC-enabled platforms (e.g., Samsung Nexus S, Galaxy S3) 19
  • 20. Summary Flexible access rights:  policy-based  easy delegation  remote revocation  managable
  • 21. Current Work Proof of Concept with Bosch Security Systems:  Key2Share as Access Pass  Key2Share as Building Block in Bosch‘s „Access-Control-as-a-Service“  Compatibility with already deployed infrastructure (wireless readers, management software)