Secure logging mechanisms for smart cards

Abstract

This thesis investigates the implementation of secure log file handling mechanisms in the light of recent smart card improvements. Initially, we examine how smart cards evolved from single application cards into true multi-application cards. Additionally, we present the most recent architectures (client application interfaces) that enable client applications to interface with smart card applications. Previous proposals for maintaining log files in smart cards are very limited and mostly theoretical. We examine those most related to smart cards along with presenting the very few real world examples of log files. We go on to examine the new events that required logging along with the requirements of the entities involved. Subsequently, we describe an ideal event-logging model for a multi-application smart card environment. To meet the identified requirements, we describe the details of a smart card entity that is responsible for dynamically updating the smart card log files. In that context, along with providing adequate log file space management, we propose a possible standard log file format for smart cards. In the core part of the thesis we describe three different smart card log file download protocols, the selection of which depends on the requirements of the entities involved. These protocols download audit data to another entity that does not suffer from immediate storage restrictions. Finally, we describe implementation details and performance measurements of both the log file download protocol and the standard log file format in two of the most advanced multi application smart cards.