The Aegis: UICC-Based Security Framework

The mobile network operators (MNOs) would like to ensure the high level of security of their services to their customers without any inefficiency and protect their own business models from any adversary. However, due to the constraints of the mobile handsets, the dreams had seemed to be difficult to be realized till now. As the 3G mobile network has spread out widely and the technologies of smart cards have been improved drastically, the UICC arose as the personal security infrastructure to realize the dreams of MNOs. This ideal medium possesses lots of the inherent security features and also is owned and issued by MNOs.In this paper we propose a novel UICC-based security framework named by the Aegis. The architecture of the Aegis was designed and are now being developed to support the security technologies such as DRM, PKI and TLS/SSL based on Java Card Platform (JCP), the de-facto smart card platform. We described the architecture and the applications of the Aegis in detail.

[1]  J.P. Tual,et al.  USB full speed enabled smart cards for consumer electronics applications , 2005, Proceedings of the Ninth International Symposium on Consumer Electronics, 2005. (ISCE 2005)..

[2]  M. Myers,et al.  Online Certificate Status Protocol-OCSP , 1999 .

[3]  Wolfgang Rankl,et al.  Smart Card Handbook , 1997 .

[4]  Patrick Schaumont,et al.  Java cryptography on KVM and its performance and security optimization using HW/SW co-design techniques , 2004, CASES '04.

[5]  Pascal Urien,et al.  Toward SSL integration in SIM SmartCards , 2004, 2004 IEEE Wireless Communications and Networking Conference (IEEE Cat. No.04TH8733).

[6]  Z. Chen Java Card Technology for Smart Cards: Architecture and Programmer''s Guide. The Java Series. Addis , 2000 .

[7]  Konstantin Hyppönen,et al.  SIM-enabled Open Mobile Payment System Based on Nation-wide PKI , 2007, ISSE.

[8]  Xiaohu Tang,et al.  Secure DRM scheme for future mobile networks based on trusted mobile platform , 2005, Proceedings. 2005 International Conference on Wireless Communications, Networking and Mobile Computing, 2005..

[9]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.1 , 2006, RFC.

[10]  Helena Handschuh,et al.  High Density Smart Cards: New Security Challenges and Applications , 2007, ISSE.

[11]  Hitesh Tewari,et al.  Performance analysis of cryptographic protocols on handheld devices , 2004, Third IEEE International Symposium on Network Computing and Applications, 2004. (NCA 2004). Proceedings..

[12]  Helena Handschuh,et al.  Smart Card Crypto-Coprocessors for Public-Key Cryptography , 1998, CARDIS.