SlideShare a Scribd company logo

Key2 share moosecon

Heinrich Seeger, profile picture
Heinrich Seeger

Key2Share is a system that allows smartphones to be used for access control via Near Field Communication (NFC). It issues digital keys that are represented as QR codes and can be shared remotely. This provides flexible access control with options for easy key delegation, remote revocation of access, and management of access rights. A proof of concept has been developed with Bosch Security Systems to integrate Key2Share into their existing access control infrastructure. The system aims to provide secure access control via smartphones while balancing security and compatibility with mobile devices.

Technology
1 of 22
Downloaded 14 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
Key2Share: NFC-enabled Smartphone-based Access Control Alexandra Dmitrienko Cyberphysical Mobile Systems Security Group Fraunhofer SIT, Darmstadt In collaboration with TU Darmstadt, Center for Advanced Security Research in Darmstadt (CASED), Intel Collaborative Research Institute for Secure Computing (ICRI-SC) at TU-Darmstadt, Bosch Security Systems
Near Field Communication (NFC) Applications + NFC = services in one touch mPayments mTicketing
Why not Using a Smartphone as a Key? + NFC =
Smartphone as a Door Key  Access control by enterprises to their facilities  Access control in private sector (houses, garages) 4
Smartphone as a Door Key  Access to hotel rooms 5
Smartphone as a Car Key/Immobilizer  Fleet management by enterprises  Car sharing with family members or friends 6
Smartphone as a Car Key/Immobilizer  Car sharing by rental/car sharing companies 7
Smartphone for Access to Storage Facilities  Access to safes in hotel rooms  Lockers in luggage storage at train stations/airports DHL packing stations 8
Smartphone for Access to Storage Facilities  DHL packstations 9
Smartphone for Access to Facilities  E.g., parking houses 10
Usual Keys vs. SmartCards vs. Key2Share Usual Keys SmartCards Key2Share Distribution Requires physical Requires physical Remote access access Revocation Requires physical Remote Remote access or replacement of the lock Delegation Not possible Not possible Possible Context-aware Not possible Possible Possible access (e.g., time frame) 11
Key2Share: System Architecture Issuer 1. Employ the employee/sell the car Users Key2Share 2. One-time registration web-service 3. Electronic key issued 5. Share key 4. User Authentication with the issued key 6. User Authentication with the shared key Resources Delegated users 12
Key Sharing  The key to be shared is represented as a QR-code  Can be sent to the recipient per e-mail, MMS or scanned by a camera of another device
QR Code: What’s Inside?  Electronic keys of Key2Share are similar to passports Issued by a central authority Government Enterprise Issued for a particular entity Citizen Employee Public (not a secret) Yes Yes (encrypted) Has binding to an identity of Cryptographic key Photo an entity it is issued for bound to the platform 14
Key2Share Security Platform Security Secure communication protocols 15
Protocol Security Well-established cryptographic primitives (AES, SHA-1, RSA) Formal security proof of the protocols Formal tool-aided verification of protocols 16
Platform Security  Different trade-offs between security and requirements to a mobile device Less secure More secure Built-in Security System level software-based Hardware-based Mechanisms of Mobile OS security extensions security extensions No extra requirements to Requires update of system Requires support in mobile hardware and software (e.g., OS) hardware. Available system software (e.g., only on some operating system) mobile platforms 17
Platform Security Software-based security Hardware-based security extensions extensions  provided by BizzTrust  Require support in hardware architecture  e.g., Giesecke & Devrient Mobile Security Card http://www.gd-  http://www.bizztrust.de/ sfs.com/the-mobile-security- card/  Can be attached to the device via microSD card slot 18
Supported Platforms  Android NFC-enabled platforms (e.g., Samsung Nexus S, Galaxy S3) 19
Summary Flexible access rights:  policy-based  easy delegation  remote revocation  managable
Current Work Proof of Concept with Bosch Security Systems:  Key2Share as Access Pass  Key2Share as Building Block in Bosch‘s „Access-Control-as-a-Service“  Compatibility with already deployed infrastructure (wireless readers, management software)
Thank you alexandra.dmitrienko@sit.fraunhofer.de 22

More Related Content

PDF
Crowdshare, Secure Resource Sharing in Mobile Crowds
Heinrich Seeger
 
PDF
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
Editor IJMTER
 
DOCX
38
ieeeprojectsvadapalani
 
PDF
www.ijerd.com
IJERD Editor
 
PDF
Network security dotnet
Dhamu Mca
 
PDF
Dotnet tiltle for 2012 c
tema_solution
 
PDF
575 579
Editor IJARCET
 
PDF
IRJET- Improved Identity-based Anonymous Broadcast Encryption with Chosen Cip...
IRJET Journal
 
Crowdshare, Secure Resource Sharing in Mobile Crowds
Heinrich Seeger
 
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE
Editor IJMTER
 
38
ieeeprojectsvadapalani
 
www.ijerd.com
IJERD Editor
 
Network security dotnet
Dhamu Mca
 
Dotnet tiltle for 2012 c
tema_solution
 
575 579
Editor IJARCET
 
IRJET- Improved Identity-based Anonymous Broadcast Encryption with Chosen Cip...
IRJET Journal
 

Similar to Key2 share moosecon (20)

PDF
Access Control in Enterprises with Key2Share
Faheem Nadeem
 
PDF
Connections Summit - Security & Blockchain Track
NFC Forum
 
PDF
Droidcon2013 key2 share_dmitrienko_fraunhofer
Droidcon Berlin
 
PDF
ASFWS 2011 - Secure software development for mobile devices
Cyber Security Alliance
 
PDF
Smart Cards & Devices Forum 2012 - Mobile ID usnadňuje život jak uživatelům, ...
OKsystem
 
PDF
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
OKsystem
 
PDF
C0c0n 2011 mobile security presentation v1.2
Santosh Satam
 
PDF
Assurity seminar 24 jan
Jason Kong
 
PDF
droidcon 2012: What's the Hack is NFC .., Hauke Meyn, NXP
Droidcon Berlin
 
PDF
SmartCard Forum 2010 - Secured Access for enterprise
OKsystem
 
PPTX
CTS 2012: Rogers & Mobile Payments
Rogers Communications
 
PDF
Over the Air 2011 Security Workshop
Ericsson Labs
 
PDF
Secure it mobile_comms
wangqiang6100
 
PPTX
Webinar on Enterprise Security & android
Endeavour Software Technologies
 
PPTX
Securing online services by combining smart cards and web-based applications
Olivier Potonniée
 
PPTX
Securing hand held computing devices
jraja01
 
PPSX
information highway
ALTANAI BISHT
 
PPT
Mobile Apps Security
Xavier Mertens
 
PDF
Entrust Physical & Logical Access Solutions
Entrust Datacard
 
PDF
SmartCard Forum 2011 - Evolution of authentication market
OKsystem
 
Access Control in Enterprises with Key2Share
Faheem Nadeem
 
Connections Summit - Security & Blockchain Track
NFC Forum
 
Droidcon2013 key2 share_dmitrienko_fraunhofer
Droidcon Berlin
 
ASFWS 2011 - Secure software development for mobile devices
Cyber Security Alliance
 
Smart Cards & Devices Forum 2012 - Mobile ID usnadňuje život jak uživatelům, ...
OKsystem
 
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
OKsystem
 
C0c0n 2011 mobile security presentation v1.2
Santosh Satam
 
Assurity seminar 24 jan
Jason Kong
 
droidcon 2012: What's the Hack is NFC .., Hauke Meyn, NXP
Droidcon Berlin
 
SmartCard Forum 2010 - Secured Access for enterprise
OKsystem
 
CTS 2012: Rogers & Mobile Payments
Rogers Communications
 
Over the Air 2011 Security Workshop
Ericsson Labs
 
Secure it mobile_comms
wangqiang6100
 
Webinar on Enterprise Security & android
Endeavour Software Technologies
 
Securing online services by combining smart cards and web-based applications
Olivier Potonniée
 
Securing hand held computing devices
jraja01
 
information highway
ALTANAI BISHT
 
Mobile Apps Security
Xavier Mertens
 
Entrust Physical & Logical Access Solutions
Entrust Datacard
 
SmartCard Forum 2011 - Evolution of authentication market
OKsystem
 
Ad

More from Heinrich Seeger (11)

PDF
Dennis hoppe droidcon_2014_slide_deck_screen
Heinrich Seeger
 
PDF
Hasan hosgel moosecon_2013_customers_choice fullsize
Heinrich Seeger
 
PDF
Moosecon rcs for developers
Heinrich Seeger
 
PDF
Mobile apps on the big screen
Heinrich Seeger
 
PDF
Push notification generaltalk
Heinrich Seeger
 
PDF
Backendasaservice apiomat
Heinrich Seeger
 
PDF
Paypal
Heinrich Seeger
 
PDF
Push notification technicaltalk
Heinrich Seeger
 
PDF
Moosecon native apps_blackberry_10-optimized
Heinrich Seeger
 
PDF
Mooscon 2013 cebit - google integration in android apps (1)
Heinrich Seeger
 
PDF
Dev mobile apps ent it final
Heinrich Seeger
 
Dennis hoppe droidcon_2014_slide_deck_screen
Heinrich Seeger
 
Hasan hosgel moosecon_2013_customers_choice fullsize
Heinrich Seeger
 
Moosecon rcs for developers
Heinrich Seeger
 
Mobile apps on the big screen
Heinrich Seeger
 
Push notification generaltalk
Heinrich Seeger
 
Backendasaservice apiomat
Heinrich Seeger
 
Paypal
Heinrich Seeger
 
Push notification technicaltalk
Heinrich Seeger
 
Moosecon native apps_blackberry_10-optimized
Heinrich Seeger
 
Mooscon 2013 cebit - google integration in android apps (1)
Heinrich Seeger
 
Dev mobile apps ent it final
Heinrich Seeger
 
Ad

Recently uploaded (20)

PDF
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
PPTX
MicrosoftCybserSecurityReferenceArchitecture-April-2025.pptx
SilvioHayashi
 
PDF
DASA ADMISSION 2024_FirstRound_FirstRank_LastRank.pdf
rameswartudu05
 
PDF
project resource management chapter-09.pdf
ssuser00e6e21
 
PPTX
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
PPT
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PDF
August Patch Tuesday
Ivanti
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PDF
DP Operators-handbook-extract for the Mautical Institute
LeonelMejiaLarios
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PDF
Web App vs Mobile App What Should You Build First.pdf
KodekX
 
PDF
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PDF
TrustArc Webinar - Click, Consent, Trust: Winning the Privacy Game
TrustArc
 
PDF
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
PDF
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
PDF
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
PPTX
O2C Customer Invoices to Receipt V15A.pptx
ssuserbfa915
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
MicrosoftCybserSecurityReferenceArchitecture-April-2025.pptx
SilvioHayashi
 
DASA ADMISSION 2024_FirstRound_FirstRank_LastRank.pdf
rameswartudu05
 
project resource management chapter-09.pdf
ssuser00e6e21
 
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
August Patch Tuesday
Ivanti
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
DP Operators-handbook-extract for the Mautical Institute
LeonelMejiaLarios
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
Web App vs Mobile App What Should You Build First.pdf
KodekX
 
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
TrustArc Webinar - Click, Consent, Trust: Winning the Privacy Game
TrustArc
 
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
O2C Customer Invoices to Receipt V15A.pptx
ssuserbfa915
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 

Key2 share moosecon

  • 1. Key2Share: NFC-enabled Smartphone-based Access Control Alexandra Dmitrienko Cyberphysical Mobile Systems Security Group Fraunhofer SIT, Darmstadt In collaboration with TU Darmstadt, Center for Advanced Security Research in Darmstadt (CASED), Intel Collaborative Research Institute for Secure Computing (ICRI-SC) at TU-Darmstadt, Bosch Security Systems
  • 2. Near Field Communication (NFC) Applications + NFC = services in one touch mPayments mTicketing
  • 3. Why not Using a Smartphone as a Key? + NFC =
  • 4. Smartphone as a Door Key  Access control by enterprises to their facilities  Access control in private sector (houses, garages) 4
  • 5. Smartphone as a Door Key  Access to hotel rooms 5
  • 6. Smartphone as a Car Key/Immobilizer  Fleet management by enterprises  Car sharing with family members or friends 6
  • 7. Smartphone as a Car Key/Immobilizer  Car sharing by rental/car sharing companies 7
  • 8. Smartphone for Access to Storage Facilities  Access to safes in hotel rooms  Lockers in luggage storage at train stations/airports DHL packing stations 8
  • 9. Smartphone for Access to Storage Facilities  DHL packstations 9
  • 10. Smartphone for Access to Facilities  E.g., parking houses 10
  • 11. Usual Keys vs. SmartCards vs. Key2Share Usual Keys SmartCards Key2Share Distribution Requires physical Requires physical Remote access access Revocation Requires physical Remote Remote access or replacement of the lock Delegation Not possible Not possible Possible Context-aware Not possible Possible Possible access (e.g., time frame) 11
  • 12. Key2Share: System Architecture Issuer 1. Employ the employee/sell the car Users Key2Share 2. One-time registration web-service 3. Electronic key issued 5. Share key 4. User Authentication with the issued key 6. User Authentication with the shared key Resources Delegated users 12
  • 13. Key Sharing  The key to be shared is represented as a QR-code  Can be sent to the recipient per e-mail, MMS or scanned by a camera of another device
  • 14. QR Code: What’s Inside?  Electronic keys of Key2Share are similar to passports Issued by a central authority Government Enterprise Issued for a particular entity Citizen Employee Public (not a secret) Yes Yes (encrypted) Has binding to an identity of Cryptographic key Photo an entity it is issued for bound to the platform 14
  • 15. Key2Share Security Platform Security Secure communication protocols 15
  • 16. Protocol Security Well-established cryptographic primitives (AES, SHA-1, RSA) Formal security proof of the protocols Formal tool-aided verification of protocols 16
  • 17. Platform Security  Different trade-offs between security and requirements to a mobile device Less secure More secure Built-in Security System level software-based Hardware-based Mechanisms of Mobile OS security extensions security extensions No extra requirements to Requires update of system Requires support in mobile hardware and software (e.g., OS) hardware. Available system software (e.g., only on some operating system) mobile platforms 17
  • 18. Platform Security Software-based security Hardware-based security extensions extensions  provided by BizzTrust  Require support in hardware architecture  e.g., Giesecke & Devrient Mobile Security Card http://www.gd-  http://www.bizztrust.de/ sfs.com/the-mobile-security- card/  Can be attached to the device via microSD card slot 18
  • 19. Supported Platforms  Android NFC-enabled platforms (e.g., Samsung Nexus S, Galaxy S3) 19
  • 20. Summary Flexible access rights:  policy-based  easy delegation  remote revocation  managable
  • 21. Current Work Proof of Concept with Bosch Security Systems:  Key2Share as Access Pass  Key2Share as Building Block in Bosch‘s „Access-Control-as-a-Service“  Compatibility with already deployed infrastructure (wireless readers, management software)