Smart cards are examples of advanced chip technology. They allow information transfer between the card holder and the system over secure networks, but they contain sensitive data related to both the card holder and the system, that has to be kept private and confidential.The aim of the research is to conduct a risk management programme on the smart cards systems that are employed in e-business systems, suggest the best safeguards to be applied to better secure the smart card systems depending on the services and applications the smart card serves, and produce a simulation tool using a high level of abstraction programming language to be able to test the robustness of the proposed solutions.The study contributions are producing a Risk Analysis Guide specifically on smart card systems to support managerial decision making, modelling the current and proposed smart card systems including modelling the possible attacks using the Unified Modelling Language (UML) diagrams, and developing an executable model using SystemC and Transaction Level Modelling (TLM)extensions, which is a new way of modelling and testing smart card systems security.The security objectives have to be considered during the early stages of systems development and design; an executable model will give the designer the advantage of identifying vulnerabilities at an early stage, and therefore enhance the system security. The developed model is used to examine the effectiveness of number of authentication mechanisms with different probabilities of failure. Numbers of probable attacks on the current security protocol are modeled to identify vulnerabilities. The executable model shows that the smart card system security protocols and transactions need further improvement to withstand different types of security attacks.
展开▼
